summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2015-06-12 11:00:15 +0200
committerJakub Hrozek <jhrozek@redhat.com>2015-06-12 11:02:30 +0200
commit40f18248f6a937d84168c50958b93126766953c8 (patch)
tree4956c7b76a6764006d493840bb7918fbb451f4b9
parent602eb710c62c192060debad3062f13677ec3b105 (diff)
downloadsssd-40f18248f6a937d84168c50958b93126766953c8.tar.gz
sssd-40f18248f6a937d84168c50958b93126766953c8.tar.xz
sssd-40f18248f6a937d84168c50958b93126766953c8.zip
Updating translations for the 1.12.5 releasesssd-1_12_5
Diffstat
-rw-r--r--po/bg.po591
-rw-r--r--po/ca.po104
-rw-r--r--po/de.po591
-rw-r--r--po/es.po591
-rw-r--r--po/eu.po591
-rw-r--r--po/fr.po622
-rw-r--r--po/hu.po591
-rw-r--r--po/id.po591
-rw-r--r--po/it.po591
-rw-r--r--po/ja.po591
-rw-r--r--po/nb.po591
-rw-r--r--po/nl.po591
-rw-r--r--po/pl.po591
-rw-r--r--po/pt.po591
-rw-r--r--po/ru.po591
-rw-r--r--po/sssd.pot589
-rw-r--r--po/sv.po591
-rw-r--r--po/tg.po591
-rw-r--r--po/tr.po591
-rw-r--r--po/uk.po639
-rw-r--r--po/zh-CN.po1899
-rw-r--r--po/zh-TW.po1898
-rw-r--r--po/zh_CN.po591
-rw-r--r--po/zh_TW.po591
-rw-r--r--src/man/po/br.po1187
-rw-r--r--src/man/po/ca.po1215
-rw-r--r--src/man/po/cs.po1187
-rw-r--r--src/man/po/de.po1223
-rw-r--r--src/man/po/es.po1216
-rw-r--r--src/man/po/eu.po1187
-rw-r--r--src/man/po/fr.po1223
-rw-r--r--src/man/po/ja.po1216
-rw-r--r--src/man/po/lv.po1187
-rw-r--r--src/man/po/nl.po1187
-rw-r--r--src/man/po/pt.po1201
-rw-r--r--src/man/po/ru.po1187
-rw-r--r--src/man/po/sssd-docs.pot1155
-rw-r--r--src/man/po/tg.po1187
-rw-r--r--src/man/po/uk.po1697
-rw-r--r--src/man/po/zh-CN.po10227
-rw-r--r--src/man/po/zh_CN.po1187
41 files changed, 31841 insertions, 14417 deletions
diff --git a/po/bg.po b/po/bg.po
index 46a94bbe9..a72fba591 100644
--- a/po/bg.po
+++ b/po/bg.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2015-02-18 16:53+0100\n"
+"POT-Creation-Date: 2015-06-12 10:37+0200\n"
"PO-Revision-Date: 2014-06-04 02:04-0400\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Bulgarian (http://www.transifex.com/projects/p/sssd/language/"
@@ -18,7 +18,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#: src/config/SSSDConfig/__init__.py.in:43
msgid "Set the verbosity of the debug logging"
@@ -104,7 +104,7 @@ msgid "Entry cache background update timeout length (seconds)"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:67
-#: src/config/SSSDConfig/__init__.py.in:96
+#: src/config/SSSDConfig/__init__.py.in:97
msgid "Negative cache timeout length (seconds)"
msgstr ""
@@ -200,1027 +200,1039 @@ msgstr ""
msgid "List of domains accessible even for untrusted users."
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:93
+#: src/config/SSSDConfig/__init__.py.in:91
+msgid "Message printed when user account is expired."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:94
msgid "Whether to evaluate the time-based attributes in sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:99
+#: src/config/SSSDConfig/__init__.py.in:100
msgid "Whether to hash host names and addresses in the known_hosts file"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:100
+#: src/config/SSSDConfig/__init__.py.in:101
msgid ""
"How many seconds to keep a host in the known_hosts file after its host keys "
"were requested"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:103
+#: src/config/SSSDConfig/__init__.py.in:104
msgid "List of UIDs or user names allowed to access the PAC responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:106
+#: src/config/SSSDConfig/__init__.py.in:107
msgid "List of UIDs or user names allowed to access the InfoPipe responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:107
+#: src/config/SSSDConfig/__init__.py.in:108
msgid "List of user attributes the InfoPipe is allowed to publish"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:110
+#: src/config/SSSDConfig/__init__.py.in:111
msgid "Identity provider"
msgstr "Доставчик на самоличност"
-#: src/config/SSSDConfig/__init__.py.in:111
+#: src/config/SSSDConfig/__init__.py.in:112
msgid "Authentication provider"
msgstr "Доставчик на удостоверяване"
-#: src/config/SSSDConfig/__init__.py.in:112
+#: src/config/SSSDConfig/__init__.py.in:113
msgid "Access control provider"
msgstr "Доставчик на контрол на достъп"
-#: src/config/SSSDConfig/__init__.py.in:113
+#: src/config/SSSDConfig/__init__.py.in:114
msgid "Password change provider"
msgstr "Доставчик на смяна на парола"
-#: src/config/SSSDConfig/__init__.py.in:114
+#: src/config/SSSDConfig/__init__.py.in:115
msgid "SUDO provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid "Autofs provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "Session-loading provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "Host identity provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Minimum user ID"
msgstr "Минимално ID на потребител"
-#: src/config/SSSDConfig/__init__.py.in:121
+#: src/config/SSSDConfig/__init__.py.in:122
msgid "Maximum user ID"
msgstr "Максимално ID на потребител"
-#: src/config/SSSDConfig/__init__.py.in:122
+#: src/config/SSSDConfig/__init__.py.in:123
msgid "Enable enumerating all users/groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:123
+#: src/config/SSSDConfig/__init__.py.in:124
msgid "Cache credentials for offline login"
msgstr "Кеширай идентификационни данни за офлайн влизане"
-#: src/config/SSSDConfig/__init__.py.in:124
+#: src/config/SSSDConfig/__init__.py.in:125
msgid "Store password hashes"
msgstr "Съхранявай хешове на пароли"
-#: src/config/SSSDConfig/__init__.py.in:125
+#: src/config/SSSDConfig/__init__.py.in:126
msgid "Display users/groups in fully-qualified form"
msgstr "Показвай потребители/групи в пълно -валифицирана форма"
-#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Don't include group members in group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:127
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:128
#: src/config/SSSDConfig/__init__.py.in:135
#: src/config/SSSDConfig/__init__.py.in:136
#: src/config/SSSDConfig/__init__.py.in:137
#: src/config/SSSDConfig/__init__.py.in:138
#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Entry cache timeout length (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:128
+#: src/config/SSSDConfig/__init__.py.in:129
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr "Ограничава или предпочита определена фамилия адреси при DNS търсения"
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
"Колко дни да се пазят кешираните записи след последното успешно влизане"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
"Колко време да чакам за отговори от DNS при търсене на сървъри (секунди)"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "The domain part of service discovery DNS query"
msgstr "Частта Домейн от DNS заявката за откриване на услуга"
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Override GID value from the identity provider with this value"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Treat usernames as case sensitive"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "How often should expired entries be refreshed in background"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:142
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:143
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:143
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr "Интерфейсът, чийто IP да се ползва за динамични DNS обновявания"
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "How often to periodically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Whether the nsupdate utility should default to using TCP"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Control enumeration of trusted domains"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "How often should subdomains list be refreshed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:151
+msgid "List of options that should be inherited into a subdomain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "IPA domain"
msgstr "IPA домейн"
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "IPA server address"
msgstr "Адрес на IPA сървър"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "IPA client hostname"
msgstr "Име на хост на IPA клиент"
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr "Дали автоматично да се обновява клиентския DNS запис във FreeIPA"
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:162
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:163
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:168
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Search base for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Objectclass for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Attribute with the name of the view"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Objectclass for override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Attribute with the reference to the original object"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Objectclass for user override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Objectclass for group override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:182
-#: src/config/SSSDConfig/__init__.py.in:357
+#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:360
msgid "LDAP filter to determine access privileges"
msgstr "LDAP филтър за определяне права на достъп"
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Whether to use the Global Catalog for lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Operation mode for GPO-based access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:187
msgid ""
"The amount of time between lookups of the GPO policy files against the AD "
"server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:188
msgid ""
"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy "
"settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid ""
"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight "
"policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid ""
"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid ""
"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid ""
"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "PAM service names for which GPO-based access is always granted"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "PAM service names for which GPO-based access is always denied"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid ""
"Default logon right (or permit/deny) to use for unmapped PAM service names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "a particular site to be used by the client"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Kerberos server address"
msgstr "Адрес на Kerberos сървър"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "Kerberos realm"
msgstr "Kerberos област"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "Whether to create kdcinfo files"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Where to drop krb5 config snippets"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Directory to store credential caches"
msgstr "Директория за съхранение на кеша за данни за удостоверяване"
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Location of the user's credential cache"
msgstr "Местоположение на кеша за данни за удостоверяване на потребители"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Location of the keytab to validate credentials"
msgstr "Местоположение на keytab за валидиране на данните за удостоверяване"
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Enable credential validation"
msgstr "Разреши проверката на данните за удостоверяване"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Store password if offline for later online authentication"
msgstr "Записва паролата ако е офлайн за по-късно удостоверяване"
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Enables enterprise principals"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:220
-#: src/config/SSSDConfig/__init__.py.in:221
+msgid "A mapping from user names to kerberos principal names"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Server where the change password service is running if not on the KDC"
msgstr "Сървърът, на който работи услугата за смяна на парола ако не е на KDC"
-#: src/config/SSSDConfig/__init__.py.in:224
+#: src/config/SSSDConfig/__init__.py.in:227
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, URI на LDAP сървъра"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "The default base DN"
msgstr "Базовият DN по подразбиране"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Използваният тип схема на LDAP сървъра, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "The default bind DN"
msgstr "Подразбиращият се bind DN"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Length of time to attempt connection"
msgstr "Продължителност на опитите за свързване"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Продължителност на опитите за синхронни LDAP операции"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Length of time between attempts to reconnect while offline"
msgstr "Продължителност на времето между опитите за връзка докато е офлайн"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "File that contains CA certificates"
msgstr "Файл, съдържащ CA сертификати"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Path to CA certificate directory"
msgstr "Път до директорията на CA сертификат"
-#: src/config/SSSDConfig/__init__.py.in:237
+#: src/config/SSSDConfig/__init__.py.in:240
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "Require TLS certificate verification"
msgstr "Изисква TLS проверка на сертификат"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Specify the sasl mechanism to use"
msgstr "Задава за използване механизма sasl"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Specify the sasl authorization id to use"
msgstr "Задаване на sasl authorization id за употреба"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Kerberos service keytab"
msgstr "keytab на Kerberos услуга"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Use Kerberos auth for LDAP connection"
msgstr "Ползвай Kerberos auth за LDAP връзка"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Follow LDAP referrals"
msgstr "Следвай LDAP референциите"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "Lifetime of TGT for LDAP connection"
msgstr "Продължителност на живот на TGT за LDAP връзка"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "Disable the LDAP paging control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Disable Active Directory range retrieval"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "Length of time to wait for a search request"
msgstr "Продължителност на време за изчакване на заявка за търсене"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Length of time between enumeration updates"
msgstr "Продължителност на време между актуализации на изброяване"
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Require TLS for ID lookups"
msgstr "Изисква TLS за ИД справките"
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Username attribute"
msgstr "атрибут Потребителско име"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "UID attribute"
msgstr "атрибут UID"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Primary GID attribute"
msgstr "атрибут Първичен GID"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "GECOS attribute"
msgstr "атрибут GECOS"
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Home directory attribute"
msgstr "атрибут Домашна директория"
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Shell attribute"
msgstr "атрибут Команден интерпретатор"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
#, fuzzy
msgid "UUID attribute"
msgstr "атрибут UID"
-#: src/config/SSSDConfig/__init__.py.in:282
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "User principal attribute (for Kerberos)"
msgstr "атрибут User principal (за Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Full Name"
msgstr "Пълно име"
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "memberOf attribute"
msgstr "атрибут членНа"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Modification time attribute"
msgstr "атрибут Момент на промяна"
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:299
+#: src/config/SSSDConfig/__init__.py.in:302
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "A list of extra attributes to download along with the user entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:310
+#: src/config/SSSDConfig/__init__.py.in:313
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
#, fuzzy
msgid "Group UUID attribute"
msgstr "атрибут UID"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Type of the group and other flags"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:344
+#: src/config/SSSDConfig/__init__.py.in:347
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Whether to use Token-Groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Set lower boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Set upper boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "DN for ppolicy queries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Policy to evaluate the password expiration"
msgstr "Политика за определяне срок на валидност на парола"
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:364
+#: src/config/SSSDConfig/__init__.py.in:367
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:365
+#: src/config/SSSDConfig/__init__.py.in:368
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:368
+#: src/config/SSSDConfig/__init__.py.in:371
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:369
+#: src/config/SSSDConfig/__init__.py.in:372
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:370
+#: src/config/SSSDConfig/__init__.py.in:373
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:371
+#: src/config/SSSDConfig/__init__.py.in:374
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:372
+#: src/config/SSSDConfig/__init__.py.in:375
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:373
+#: src/config/SSSDConfig/__init__.py.in:376
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:374
+#: src/config/SSSDConfig/__init__.py.in:377
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:375
+#: src/config/SSSDConfig/__init__.py.in:378
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:376
+#: src/config/SSSDConfig/__init__.py.in:379
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:377
+#: src/config/SSSDConfig/__init__.py.in:380
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:378
+#: src/config/SSSDConfig/__init__.py.in:381
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:379
+#: src/config/SSSDConfig/__init__.py.in:382
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:380
+#: src/config/SSSDConfig/__init__.py.in:383
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:381
+#: src/config/SSSDConfig/__init__.py.in:384
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:382
+#: src/config/SSSDConfig/__init__.py.in:385
msgid "Sudo rule runas attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:383
+#: src/config/SSSDConfig/__init__.py.in:386
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:384
+#: src/config/SSSDConfig/__init__.py.in:387
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:385
+#: src/config/SSSDConfig/__init__.py.in:388
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:386
+#: src/config/SSSDConfig/__init__.py.in:389
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:387
+#: src/config/SSSDConfig/__init__.py.in:390
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:390
+#: src/config/SSSDConfig/__init__.py.in:393
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:391
+#: src/config/SSSDConfig/__init__.py.in:394
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:392
+#: src/config/SSSDConfig/__init__.py.in:395
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:393
+#: src/config/SSSDConfig/__init__.py.in:396
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:394
+#: src/config/SSSDConfig/__init__.py.in:397
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:395
+#: src/config/SSSDConfig/__init__.py.in:398
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:398
+#: src/config/SSSDConfig/__init__.py.in:401
msgid "Comma separated list of allowed users"
msgstr "Списък разрешени потребители, разделени със запетая"
-#: src/config/SSSDConfig/__init__.py.in:399
+#: src/config/SSSDConfig/__init__.py.in:402
msgid "Comma separated list of prohibited users"
msgstr "Списък забранени потребители, разделени със запетая"
-#: src/config/SSSDConfig/__init__.py.in:402
+#: src/config/SSSDConfig/__init__.py.in:405
msgid "Default shell, /bin/bash"
msgstr "Подразбиращ се команден интерпретатор, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:403
+#: src/config/SSSDConfig/__init__.py.in:406
msgid "Base for home directories"
msgstr "Място за домашните директории"
-#: src/config/SSSDConfig/__init__.py.in:406
+#: src/config/SSSDConfig/__init__.py.in:409
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:407
+#: src/config/SSSDConfig/__init__.py.in:410
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:410
+#: src/config/SSSDConfig/__init__.py.in:413
msgid "PAM stack to use"
msgstr ""
@@ -1240,26 +1252,26 @@ msgstr "Задаване на друг (не подразбиращия се) к
msgid "Print version number and exit"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:589
+#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:609
#: src/util/util.h:108
msgid "Debug level"
msgstr "Ниво на debug"
-#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:591
+#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:611
#: src/util/util.h:114
msgid "Add debug timestamps"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:593
+#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:613
#: src/util/util.h:116
msgid "Show timestamps with microseconds"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:595
+#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:615
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:597
+#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:617
#: src/util/util.h:112
msgid "Send the debug output to stderr directly."
msgstr ""
@@ -1272,99 +1284,104 @@ msgstr ""
msgid "The group to create FAST ccache as"
msgstr ""
-#: src/providers/data_provider_be.c:2833
+#: src/providers/data_provider_be.c:2834
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:969
+#: src/sss_client/common.c:971
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:972
+#: src/sss_client/common.c:974
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:975
+#: src/sss_client/common.c:977
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:978
+#: src/sss_client/common.c:980
msgid "SSSD is not run by root."
msgstr "SSSD не е стартиран като root."
-#: src/sss_client/common.c:983
+#: src/sss_client/common.c:985
msgid "An error occurred, but no description can be found."
msgstr "Възникнала е грешка, но не може да се намери описание."
-#: src/sss_client/common.c:989
+#: src/sss_client/common.c:991
msgid "Unexpected error while looking for an error description"
msgstr "Неочаквана грешка при търсене на описание на грешка"
-#: src/sss_client/pam_sss.c:398
+#: src/sss_client/pam_sss.c:63
+msgid "Permission denied. "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:64 src/sss_client/pam_sss.c:883
+#: src/sss_client/pam_sss.c:894
+msgid "Server message: "
+msgstr "Съобщение от сървъра:"
+
+#: src/sss_client/pam_sss.c:401
msgid "Passwords do not match"
msgstr "Паролите не съвпадат"
-#: src/sss_client/pam_sss.c:586
+#: src/sss_client/pam_sss.c:589
msgid "Password reset by root is not supported."
msgstr "Промяна на паролата от root не се поддържа."
-#: src/sss_client/pam_sss.c:627
+#: src/sss_client/pam_sss.c:630
msgid "Authenticated with cached credentials"
msgstr "Удостоверен с кеширани идентификационни данни"
-#: src/sss_client/pam_sss.c:628
+#: src/sss_client/pam_sss.c:631
msgid ", your cached password will expire at: "
msgstr ", кешираната парола ще изтече на: "
-#: src/sss_client/pam_sss.c:658
+#: src/sss_client/pam_sss.c:661
#, c-format
msgid "Your password has expired. You have %1$d grace login(s) remaining."
msgstr ""
-#: src/sss_client/pam_sss.c:704
+#: src/sss_client/pam_sss.c:707
#, c-format
msgid "Your password will expire in %1$d %2$s."
msgstr ""
-#: src/sss_client/pam_sss.c:753
+#: src/sss_client/pam_sss.c:756
msgid "Authentication is denied until: "
msgstr "Удостоверяването е забранено до: "
-#: src/sss_client/pam_sss.c:774
+#: src/sss_client/pam_sss.c:777
msgid "System is offline, password change not possible"
msgstr "Системата е офлайн, промяна на паролата не е възможна"
-#: src/sss_client/pam_sss.c:789
+#: src/sss_client/pam_sss.c:792
msgid ""
"After changing the OTP password, you need to log out and back in order to "
"acquire a ticket"
msgstr ""
-#: src/sss_client/pam_sss.c:820 src/sss_client/pam_sss.c:833
+#: src/sss_client/pam_sss.c:880 src/sss_client/pam_sss.c:893
msgid "Password change failed. "
msgstr "Промяната на паролата не успя."
-#: src/sss_client/pam_sss.c:823 src/sss_client/pam_sss.c:834
-msgid "Server message: "
-msgstr "Съобщение от сървъра:"
-
-#: src/sss_client/pam_sss.c:1274
+#: src/sss_client/pam_sss.c:1336
msgid "New Password: "
msgstr "Нова парола:"
-#: src/sss_client/pam_sss.c:1275
+#: src/sss_client/pam_sss.c:1337
msgid "Reenter new Password: "
msgstr "Отново новата парола:"
-#: src/sss_client/pam_sss.c:1374
+#: src/sss_client/pam_sss.c:1436
msgid "Password: "
msgstr "Парола:"
-#: src/sss_client/pam_sss.c:1406
+#: src/sss_client/pam_sss.c:1468
msgid "Current Password: "
msgstr "Текуща парола:"
-#: src/sss_client/pam_sss.c:1582
+#: src/sss_client/pam_sss.c:1644
msgid "Password expired. Change your password now."
msgstr "Паролата Ви е остаряла. Сменете я сега."
diff --git a/po/ca.po b/po/ca.po
index 2a911a2db..1fc08dcd6 100644
--- a/po/ca.po
+++ b/po/ca.po
@@ -8,7 +8,7 @@
# muzzol <muzzol@gmail.com>, 2012
# sgallagh <sgallagh@redhat.com>, 2011
# sgallagh <sgallagh@redhat.com>, 2011
-# Robert Antoni Buj Gelonch <robert.buj@gmail.com>, 2015. #zanata
+# Robert Antoni Buj Gelonch <rbuj@fedoraproject.org>, 2015. #zanata
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -17,13 +17,13 @@ msgstr ""
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
-"PO-Revision-Date: 2015-01-31 02:39-0500\n"
-"Last-Translator: Robert Antoni Buj Gelonch <robert.buj@gmail.com>\n"
+"PO-Revision-Date: 2015-05-10 06:20-0400\n"
+"Last-Translator: Robert Antoni Buj Gelonch <rbuj@fedoraproject.org>\n"
"Language-Team: Catalan (http://www.transifex.com/projects/p/sssd/language/ca/"
")\n"
"Language: ca\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#: src/config/SSSDConfig/__init__.py.in:40
msgid "Set the verbosity of the debug logging"
@@ -236,21 +236,21 @@ msgstr ""
#: src/config/SSSDConfig/__init__.py.in:89
msgid "Whether to evaluate the time-based attributes in sudo rules"
-msgstr "Si s'han d'avaluar els atributs de temps a les regles sudo"
+msgstr "Si s'avaluen els atributs basats en temps a les regles sudo"
#: src/config/SSSDConfig/__init__.py.in:95
msgid "Whether to hash host names and addresses in the known_hosts file"
msgstr ""
-"Si s'han d'utilitzar els algoritmes hash als noms d'ordinadors i a les "
-"adreces dins el fitxer known_hosts"
+"Si s'utilitzen els algoritmes hash als noms i adreces dels amfitrions al "
+"fitxer known_hosts"
#: src/config/SSSDConfig/__init__.py.in:96
msgid ""
"How many seconds to keep a host in the known_hosts file after its host keys "
"were requested"
msgstr ""
-"Quants segons s'ha de mantenir una màquina a l'arxiu de known_hosts després "
-"que s'ha sol·licitat la seva clau"
+"Quants segons s'ha de mantenir un amfitrió al fitxer known_hosts després que "
+"s'hagi sol·licitat la seva clau"
#: src/config/SSSDConfig/__init__.py.in:99
msgid "List of UIDs or user names allowed to access the PAC responder"
@@ -298,7 +298,7 @@ msgstr "Proveïdor de càrrega de sessió"
#: src/config/SSSDConfig/__init__.py.in:113
msgid "Host identity provider"
-msgstr "Proveïdor d'identitat d'ordinadors"
+msgstr "Proveïdor d'identitat d'amfitrions"
#: src/config/SSSDConfig/__init__.py.in:116
msgid "Minimum user ID"
@@ -374,7 +374,7 @@ msgstr ""
#: src/config/SSSDConfig/__init__.py.in:137
msgid "Whether to automatically update the client's DNS entry"
-msgstr ""
+msgstr "Si s'actualitza automàticament l'entrada DND del client"
#: src/config/SSSDConfig/__init__.py.in:138
#: src/config/SSSDConfig/__init__.py.in:153
@@ -398,19 +398,21 @@ msgstr ""
#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether the nsupdate utility should default to using TCP"
-msgstr ""
+msgstr "Si la utilitat nsupdate per defecte ha d'utilitzar TCP"
#: src/config/SSSDConfig/__init__.py.in:143
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
+"Quin tipus d'autentificació s'ha d'utilitzar per realitzar l'actualització "
+"del DNS"
#: src/config/SSSDConfig/__init__.py.in:144
msgid "Control enumeration of trusted domains"
-msgstr ""
+msgstr "Enumeració de control dels amfitrions de confiança"
#: src/config/SSSDConfig/__init__.py.in:145
msgid "How often should subdomains list be refreshed"
-msgstr ""
+msgstr "Amb quina freqüència s'ha de refrescar la llista dels subdominis"
#: src/config/SSSDConfig/__init__.py.in:148
msgid "IPA domain"
@@ -426,11 +428,11 @@ msgstr "Adreça del servidor IPA de reserva "
#: src/config/SSSDConfig/__init__.py.in:151
msgid "IPA client hostname"
-msgstr "Nom d'ordinador del client IPA"
+msgstr "Nom d'amfitrió del client IPA"
#: src/config/SSSDConfig/__init__.py.in:152
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
-msgstr "Si actualitzar automàticament l'entrada DNS del client a FreeIPA"
+msgstr "Si s'actualitza automàticament l'entrada DNS del client a FreeIPA"
#: src/config/SSSDConfig/__init__.py.in:155
msgid "Search base for HBAC related objects"
@@ -455,7 +457,8 @@ msgstr "Si les regles DENY són presents, o DENY_ALL o IGNORE"
#: src/config/SSSDConfig/__init__.py.in:159
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-"Si s'estableix a fals, l'argument d'ordinador facilitat per PAM serà ignorat"
+"Si s'estableix a fals, s'ignorarà l'argument de l'amfitrió proporcionat amb "
+"PAM"
#: src/config/SSSDConfig/__init__.py.in:160
msgid "The automounter location this IPA client is using"
@@ -476,6 +479,8 @@ msgstr ""
#: src/config/SSSDConfig/__init__.py.in:177
msgid "Enable DNS sites - location based service discovery"
msgstr ""
+"Habilita els llocs DNS - la localització es basa en el descobriment del "
+"servei"
#: src/config/SSSDConfig/__init__.py.in:164
msgid "Search base for view containers"
@@ -483,11 +488,11 @@ msgstr ""
#: src/config/SSSDConfig/__init__.py.in:165
msgid "Objectclass for view containers"
-msgstr ""
+msgstr "Objectclass per veure els contenidors"
#: src/config/SSSDConfig/__init__.py.in:166
msgid "Attribute with the name of the view"
-msgstr ""
+msgstr "Atribut amb el nom de la vista"
#: src/config/SSSDConfig/__init__.py.in:167
msgid "Objectclass for override objects"
@@ -507,19 +512,19 @@ msgstr ""
#: src/config/SSSDConfig/__init__.py.in:173
msgid "Active Directory domain"
-msgstr "Domini d'Active Directory"
+msgstr "Domini Active Directory"
#: src/config/SSSDConfig/__init__.py.in:174
msgid "Active Directory server address"
-msgstr "Adreça de servidor d'Active Directory"
+msgstr "Adreça del servidor de l'Active Directory"
#: src/config/SSSDConfig/__init__.py.in:175
msgid "Active Directory backup server address"
-msgstr "Adreça del servidor d'Active Directory de reserva"
+msgstr "Adreça del servidor de l'Active Directory de reserva"
#: src/config/SSSDConfig/__init__.py.in:176
msgid "Active Directory client hostname"
-msgstr "Nom de màquina del client d'Active Directory"
+msgstr "Nom d'amfitrió del client d'Active Directory"
#: src/config/SSSDConfig/__init__.py.in:178
#: src/config/SSSDConfig/__init__.py.in:348
@@ -532,7 +537,7 @@ msgstr ""
#: src/config/SSSDConfig/__init__.py.in:180
msgid "Operation mode for GPO-based access control"
-msgstr ""
+msgstr "Mode d'operació per al control d'accés basat en GPO"
#: src/config/SSSDConfig/__init__.py.in:181
msgid ""
@@ -601,7 +606,7 @@ msgstr "Temps d'espera de la autenticació"
#: src/config/SSSDConfig/__init__.py.in:196
msgid "Whether to create kdcinfo files"
-msgstr ""
+msgstr "Si es creen els fitxers kdcinfo"
#: src/config/SSSDConfig/__init__.py.in:199
msgid "Directory to store credential caches"
@@ -651,7 +656,7 @@ msgstr "Activa la canonització del principal"
#: src/config/SSSDConfig/__init__.py.in:210
msgid "Enables enterprise principals"
-msgstr ""
+msgstr "Habilita els principals empresarials"
#: src/config/SSSDConfig/__init__.py.in:213
#: src/config/SSSDConfig/__init__.py.in:214
@@ -785,7 +790,7 @@ msgid ""
"host name during a SASL bind"
msgstr ""
"Si la biblioteca LDAP hauria de realitzar una petició inversa per "
-"canonalitzar el nom d'ordinador durant la connexió SASL"
+"canonalitzar el nom d'amfitrió durant la creació de l'enllaç SASL"
#: src/config/SSSDConfig/__init__.py.in:248
msgid "entryUSN attribute"
@@ -808,7 +813,7 @@ msgstr "Desactiva el control de paginació LDAP"
#: src/config/SSSDConfig/__init__.py.in:254
msgid "Disable Active Directory range retrieval"
-msgstr ""
+msgstr "Inhabilita la recuperació del rang de l'Active Directory"
#: src/config/SSSDConfig/__init__.py.in:257
msgid "Length of time to wait for a search request"
@@ -881,7 +886,7 @@ msgstr "Atribut de l'objectSID"
#: src/config/SSSDConfig/__init__.py.in:275
msgid "Active Directory primary group attribute for ID-mapping"
-msgstr "Atribut del grup primari de l'Active Directory per mapejat d'IDs"
+msgstr "Atribut del grup primari de l'Active Directory per assignació d'Ids."
#: src/config/SSSDConfig/__init__.py.in:276
msgid "User principal attribute (for Kerberos)"
@@ -933,7 +938,7 @@ msgstr "Atribut que llista els serveis PAM autoritzats"
#: src/config/SSSDConfig/__init__.py.in:289
msgid "Attribute listing authorized server hosts"
-msgstr "Atribut que llista els servidors autoritzats"
+msgstr "Llista els atributs dels amfitrions servidors autoritzats"
#: src/config/SSSDConfig/__init__.py.in:290
msgid "krbLastPwdChange attribute"
@@ -1106,7 +1111,7 @@ msgstr ""
#: src/config/SSSDConfig/__init__.py.in:342
msgid "DN for ppolicy queries"
-msgstr ""
+msgstr "DN per a les consultes ppolicy"
#: src/config/SSSDConfig/__init__.py.in:345
msgid "Policy to evaluate the password expiration"
@@ -1138,8 +1143,8 @@ msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-"Si voleu actualitzar l'atribut ldap_user_shadow_last_change després d'un "
-"canvi de contrasenya"
+"Si s'actualitza l'atribut ldap_user_shadow_last_change després d'un canvi de "
+"contrasenya"
#: src/config/SSSDConfig/__init__.py.in:359
msgid "Base DN for sudo rules lookups"
@@ -1155,15 +1160,15 @@ msgstr "Període d'actualització automàtica intel·ligent"
#: src/config/SSSDConfig/__init__.py.in:362
msgid "Whether to filter rules by hostname, IP addresses and network"
-msgstr "Si voleu filtrar les normes per nom de màquina, adreça IP i xarxa"
+msgstr "Si es filtren les regles per nom d'amfitrió, adreça IP i xarxa"
#: src/config/SSSDConfig/__init__.py.in:363
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-"Noms de màquina i/o noms de domini plenament qualificat d'aquesta màquina "
-"per filtrar regles de sudo"
+"Noms d'amfitrió i/o noms de domini plenament qualificat d'aquesta màquina "
+"per filtrar les regles de sudo"
#: src/config/SSSDConfig/__init__.py.in:364
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
@@ -1173,14 +1178,14 @@ msgstr ""
#: src/config/SSSDConfig/__init__.py.in:365
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-"Si voleu incloure regles que contenen netgroup en l'atribut de màquina"
+"Si s'inclouen les regles que contenen netgroup en l'atribut de l'amfitrió"
#: src/config/SSSDConfig/__init__.py.in:366
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-"Si voleu incloure regles que contenen expressions regulars en l'atribut de "
-"màquina"
+"Si s'inclouen les regles que contenen expressions regulars en l'atribut de "
+"l'amfitrió"
#: src/config/SSSDConfig/__init__.py.in:367
msgid "Object class for sudo rules"
@@ -1196,7 +1201,7 @@ msgstr "Attribut de la comanda de la regla sudo"
#: src/config/SSSDConfig/__init__.py.in:370
msgid "Sudo rule host attribute"
-msgstr "Atribut de l'ordinador de la regla sudo"
+msgstr "Atribut d'amfitrió de la regla sudo"
#: src/config/SSSDConfig/__init__.py.in:371
msgid "Sudo rule user attribute"
@@ -1208,7 +1213,7 @@ msgstr "Atribut de l'opció de la regla sudo"
#: src/config/SSSDConfig/__init__.py.in:373
msgid "Sudo rule runas attribute"
-msgstr ""
+msgstr "Atribut runas de la regla sudo"
#: src/config/SSSDConfig/__init__.py.in:374
msgid "Sudo rule runasuser attribute"
@@ -1276,7 +1281,8 @@ msgstr "El nom de la biblioteca NSS a utilitzar"
#: src/config/SSSDConfig/__init__.py.in:398
msgid "Whether to look up canonical group name from cache if possible"
-msgstr "Cercar nom de grup canònic al cau si és possible"
+msgstr ""
+"Si es cerca el nom del grup canònic des de la memòria cau, si és possible"
#: src/config/SSSDConfig/__init__.py.in:401
msgid "PAM stack to use"
@@ -1457,7 +1463,7 @@ msgstr "S'ha produït un error en cercar les claus públiques\n"
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:194
msgid "The port to use to connect to the host"
-msgstr "El port a utilitzar per connectar-se a l'ordinador"
+msgstr "El port a utilitzar per connectar-se a l'amfitrió"
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:238
msgid "Invalid port\n"
@@ -1465,7 +1471,7 @@ msgstr "Port invàlid\n"
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:243
msgid "Host not specified\n"
-msgstr "No s'ha especificat l'ordinador\n"
+msgstr "No s'ha especificat l'amfitrió\n"
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:249
msgid "The path to the proxy command must be absolute\n"
@@ -1869,7 +1875,7 @@ msgstr ""
#: src/tools/sss_usermod.c:117 src/tools/sss_usermod.c:126
#: src/tools/sss_usermod.c:135
msgid "Specify the attribute name/value pair(s)\n"
-msgstr ""
+msgstr "Especifica les parelles nom/valor de l'atribut\n"
#: src/tools/sss_usermod.c:152
msgid "Specify user to modify\n"
@@ -1915,6 +1921,8 @@ msgstr "No s'ha pogut invalidar %1$s %2$s"
#: src/tools/sss_cache.c:588
msgid "Invalidate all cached entries except for sudo rules"
msgstr ""
+"Invalida totes les entrades de la memòria cau amb l'excepció de les regles "
+"sudo"
#: src/tools/sss_cache.c:590
msgid "Invalidate particular user"
@@ -1958,11 +1966,11 @@ msgstr "Invalida tots els mapes autofs"
#: src/tools/sss_cache.c:613
msgid "Invalidate particular SSH host"
-msgstr ""
+msgstr "Invalida un determinat amfitrió SSH"
#: src/tools/sss_cache.c:615
msgid "Invalidate all SSH hosts"
-msgstr ""
+msgstr "Invalida tots els amfitrions SSH"
#: src/tools/sss_cache.c:618
msgid "Only invalidate entries from a particular domain"
@@ -1993,7 +2001,7 @@ msgstr "Especificau el nivell de depuració que voleu establir\n"
#: src/tools/sss_debuglevel.c:102
msgid "Only one argument expected\n"
-msgstr ""
+msgstr "Tan sols s'esperava un argument\n"
#: src/tools/tools_util.c:204
#, c-format
diff --git a/po/de.po b/po/de.po
index 2c468e01c..d03015ac2 100644
--- a/po/de.po
+++ b/po/de.po
@@ -10,7 +10,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2015-02-18 16:53+0100\n"
+"POT-Creation-Date: 2015-06-12 10:37+0200\n"
"PO-Revision-Date: 2014-06-08 11:50-0400\n"
"Last-Translator: Mario Blättermann <mario.blaettermann@gmail.com>\n"
"Language-Team: German (http://www.transifex.com/projects/p/sssd/language/"
@@ -20,7 +20,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#: src/config/SSSDConfig/__init__.py.in:43
msgid "Set the verbosity of the debug logging"
@@ -114,7 +114,7 @@ msgstr ""
"Zeitspanne für die Aktualisierung des Eintrags-Zwischenspeichers (Sekunden)"
#: src/config/SSSDConfig/__init__.py.in:67
-#: src/config/SSSDConfig/__init__.py.in:96
+#: src/config/SSSDConfig/__init__.py.in:97
msgid "Negative cache timeout length (seconds)"
msgstr "Zeitspanne für den negativen Zwischenspeicher (Sekunden)"
@@ -228,18 +228,22 @@ msgstr ""
msgid "List of domains accessible even for untrusted users."
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:93
+#: src/config/SSSDConfig/__init__.py.in:91
+msgid "Message printed when user account is expired."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:94
msgid "Whether to evaluate the time-based attributes in sudo rules"
msgstr ""
"Gibt an, ob zeitbasierte Attribute in Sudo-Regeln berechnet werden sollen"
-#: src/config/SSSDConfig/__init__.py.in:99
+#: src/config/SSSDConfig/__init__.py.in:100
msgid "Whether to hash host names and addresses in the known_hosts file"
msgstr ""
"Gibt an, ob Prüfsummen von Hostnamen und Adressen in der Datei known_hosts "
"gespeichert werden"
-#: src/config/SSSDConfig/__init__.py.in:100
+#: src/config/SSSDConfig/__init__.py.in:101
msgid ""
"How many seconds to keep a host in the known_hosts file after its host keys "
"were requested"
@@ -247,206 +251,210 @@ msgstr ""
"Anzahl der Sekunden, die ein Rechner in der Datei known_host behalten werden "
"soll, nachdem dessen Schlüssel abgefragt wurden"
-#: src/config/SSSDConfig/__init__.py.in:103
+#: src/config/SSSDConfig/__init__.py.in:104
msgid "List of UIDs or user names allowed to access the PAC responder"
msgstr ""
"Liste von Benutzer-IDs oder Benutzernamen für den Zugriff auf den PAC-"
"Responder"
-#: src/config/SSSDConfig/__init__.py.in:106
+#: src/config/SSSDConfig/__init__.py.in:107
msgid "List of UIDs or user names allowed to access the InfoPipe responder"
msgstr ""
"Liste von Benutzer-IDs oder Benutzernamen für den Zugriff auf den InfoPipe-"
"Responder"
-#: src/config/SSSDConfig/__init__.py.in:107
+#: src/config/SSSDConfig/__init__.py.in:108
msgid "List of user attributes the InfoPipe is allowed to publish"
msgstr "Liste der Benutzerattribute, die InfoPipe veröffentlichen darf"
-#: src/config/SSSDConfig/__init__.py.in:110
+#: src/config/SSSDConfig/__init__.py.in:111
msgid "Identity provider"
msgstr "Identitäts-Anbieter"
-#: src/config/SSSDConfig/__init__.py.in:111
+#: src/config/SSSDConfig/__init__.py.in:112
msgid "Authentication provider"
msgstr "Authentifizierungs-Anbieter"
-#: src/config/SSSDConfig/__init__.py.in:112
+#: src/config/SSSDConfig/__init__.py.in:113
msgid "Access control provider"
msgstr "Zugriffskontroll-Anbieter"
-#: src/config/SSSDConfig/__init__.py.in:113
+#: src/config/SSSDConfig/__init__.py.in:114
msgid "Password change provider"
msgstr "Passwortänderungs-Anbieter"
-#: src/config/SSSDConfig/__init__.py.in:114
+#: src/config/SSSDConfig/__init__.py.in:115
msgid "SUDO provider"
msgstr "SUDO-Anbieter"
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid "Autofs provider"
msgstr "Autofs-Anbieter"
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "Session-loading provider"
msgstr "Anbieter für das Laden der Sitzung"
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "Host identity provider"
msgstr "Rechner-Identitäts-Anbieter"
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Minimum user ID"
msgstr "Minimale Benutzer‐ID"
-#: src/config/SSSDConfig/__init__.py.in:121
+#: src/config/SSSDConfig/__init__.py.in:122
msgid "Maximum user ID"
msgstr "Maximale Benutzer‐ID"
-#: src/config/SSSDConfig/__init__.py.in:122
+#: src/config/SSSDConfig/__init__.py.in:123
msgid "Enable enumerating all users/groups"
msgstr "Auflistung aller Benutzer/Gruppen aktivieren"
-#: src/config/SSSDConfig/__init__.py.in:123
+#: src/config/SSSDConfig/__init__.py.in:124
msgid "Cache credentials for offline login"
msgstr "Zwischengespeicherte Anmeldedaten für Offline-Anmeldung"
-#: src/config/SSSDConfig/__init__.py.in:124
+#: src/config/SSSDConfig/__init__.py.in:125
msgid "Store password hashes"
msgstr "Passwort-Prüfsummen speichern"
-#: src/config/SSSDConfig/__init__.py.in:125
+#: src/config/SSSDConfig/__init__.py.in:126
msgid "Display users/groups in fully-qualified form"
msgstr "Benutzer/Gruppen in voll ausgeschriebener Form anzeigen"
-#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Don't include group members in group lookups"
msgstr "Gruppenmitglieder in Gruppen-Suchanfragen nicht einschließen"
-#: src/config/SSSDConfig/__init__.py.in:127
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:128
#: src/config/SSSDConfig/__init__.py.in:135
#: src/config/SSSDConfig/__init__.py.in:136
#: src/config/SSSDConfig/__init__.py.in:137
#: src/config/SSSDConfig/__init__.py.in:138
#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Entry cache timeout length (seconds)"
msgstr "Zeitspanne für den Eintrags-Zwischenspeicher (Sekunden)"
-#: src/config/SSSDConfig/__init__.py.in:128
+#: src/config/SSSDConfig/__init__.py.in:129
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
"Eine spezifische Adressfamilie beim Ausführen von DNS-Suchanfragen "
"beschränken oder bevorzugen"
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
"Gibt die Anzahl der Tage an, wie lange zwischengespeicherte Einträge nach "
"der letzten Anmeldung aufbewahrt werden"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
"Gibt die Anzahl Sekunden an, wie lange beim Auflösen von Servernamen auf "
"Antworten vom DNS-Dienst gewartet werden soll"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "The domain part of service discovery DNS query"
msgstr "Der Domain-Teil der DNS-Abfrage zur Dienstsuche"
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Override GID value from the identity provider with this value"
msgstr ""
"Den Gruppen-ID-Wert des Identitäts-Anbieters mit diesem Wert überschreiben"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Treat usernames as case sensitive"
msgstr "Groß-/Kleinschreibung in Benutzernamen berücksichtigen"
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "How often should expired entries be refreshed in background"
msgstr "Anzahl der Auffrischung abgelaufener Einträge im Hintergrund"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry"
msgstr "Automatische Aktualisierung des DNS-Eintrags des Clients"
-#: src/config/SSSDConfig/__init__.py.in:142
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:143
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
"Die auf den DNS-Eintrag des Clients anzuwendende TTL, nachdem dieser "
"aktualisiert wurde"
-#: src/config/SSSDConfig/__init__.py.in:143
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
"Schnittstelle, deren IP für dynamische DNS-Aktualisierungen verwendet werden "
"soll"
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "How often to periodically update the client's DNS entry"
msgstr "Gibt an, wie oft der DNS-Eintrag des Clients aktualisiert werden soll"
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
"Gibt an, ob der Anbieter den PTR-Datensatz ebenfalls explizit aktualisieren "
"soll"
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Whether the nsupdate utility should default to using TCP"
msgstr "Gibt an, ob das nsupdate-Dienstprogramm per Vorgabe TCP verwenden soll"
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
"Gibt an, welche Art der Authentifizierung bei der DNS-Aktualisierung "
"verwendet werden soll"
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Control enumeration of trusted domains"
msgstr "Aufzählung vertrauenswürdiger Domains steuern"
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "How often should subdomains list be refreshed"
msgstr "Anzahl der Auffrischung der Subdomain-Liste"
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:151
+msgid "List of options that should be inherited into a subdomain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "IPA domain"
msgstr "IPA-Domain"
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "IPA server address"
msgstr "IPA-Serveradresse"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Address of backup IPA server"
msgstr "Adresse des Ersatz-IPA-Servers"
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "IPA client hostname"
msgstr "IPA-Client-Rechnername"
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
"Gibt an, ob der DNS-Eintrag des Clients in FreeIPA automatisch aktualisiert "
"werden soll"
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Search base for HBAC related objects"
msgstr "Suchbasis für HBAC-bezogene Objekte"
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:162
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr "Die Zeitspanne zwischen Suchanfragen der HBAC-Regeln an den IPA-Server"
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:163
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
@@ -454,340 +462,344 @@ msgstr ""
"Die Zeitspanne in Sekunden zwischen Suchanfragen der SELinux-Zuweisung an "
"den IPA-Server"
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr "Falls DENY-Regeln vorhanden sind, entweder DENY_ALL oder IGNORE"
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
"Falls auf »false« gesetzt, wird das von PAM angegebene Host-Argument "
"ignoriert"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "The automounter location this IPA client is using"
msgstr "Der Automounter-Ort, den dieser IPA-Client verwendet"
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Search base for object containing info about IPA domain"
msgstr ""
"Suchbasis für Objekte, die Informationen über eine IPA-Domain enthalten"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Search base for objects containing info about ID ranges"
msgstr "Suchbasis für Objekte, die Informationen über ID-Bereiche enthalten"
-#: src/config/SSSDConfig/__init__.py.in:167
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "Enable DNS sites - location based service discovery"
msgstr "DNS-Sites aktivieren – standortbasierte Dienstsuche"
-#: src/config/SSSDConfig/__init__.py.in:168
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Search base for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Objectclass for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Attribute with the name of the view"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Objectclass for override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Attribute with the reference to the original object"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Objectclass for user override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Objectclass for group override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Active Directory domain"
msgstr "Active-Directory-Domain"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Active Directory server address"
msgstr "Adresse des Active-Directory-Servers"
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Active Directory backup server address"
msgstr "Adresse des Ersatz-Active-Directory-Servers"
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Active Directory client hostname"
msgstr "Hostname des Active-Directory-Clients"
-#: src/config/SSSDConfig/__init__.py.in:182
-#: src/config/SSSDConfig/__init__.py.in:357
+#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:360
msgid "LDAP filter to determine access privileges"
msgstr "LDAP-Filter zum Bestimmen der Zugriffsprivilegien"
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Whether to use the Global Catalog for lookups"
msgstr "Verwendung des globalen Katalogs für Suchvorgänge"
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Operation mode for GPO-based access control"
msgstr "Operationsmodus für GPO-basierte Zuhgriffskontrolle"
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:187
msgid ""
"The amount of time between lookups of the GPO policy files against the AD "
"server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:188
msgid ""
"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy "
"settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid ""
"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight "
"policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid ""
"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid ""
"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid ""
"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "PAM service names for which GPO-based access is always granted"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "PAM service names for which GPO-based access is always denied"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid ""
"Default logon right (or permit/deny) to use for unmapped PAM service names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "a particular site to be used by the client"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Kerberos server address"
msgstr "Kerberos-Serveradresse"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Kerberos backup server address"
msgstr "Adresse des Ersatz-Kerberos-Servers"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "Kerberos realm"
msgstr "Kerberos-Realm"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Authentication timeout"
msgstr "Zeitüberschreitung bei Authentifizierung"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "Whether to create kdcinfo files"
msgstr "Gibt an, ob kdcinfo-Dateien angelegt werden"
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Where to drop krb5 config snippets"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Directory to store credential caches"
msgstr "Verzeichnis zum Speichern der Anmeldedaten"
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Location of the user's credential cache"
msgstr "Ort des Zwischenspeichers für die Anmeldedaten des Benutzers"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Location of the keytab to validate credentials"
msgstr "Ort der Schlüsseltabelle zum Überprüfen von Anmeldedaten"
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Enable credential validation"
msgstr "Validierung der Anmeldedaten aktivieren"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Store password if offline for later online authentication"
msgstr "Passwort im Offline-Modus für spätere Online-Anmeldung speichern"
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Renewable lifetime of the TGT"
msgstr "Erneuerung der Lebensdauer des TGT"
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "Lifetime of the TGT"
msgstr "Lebensdauer des TGT"
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Time between two checks for renewal"
msgstr "Zeitspanne zwischen zwei Prüfungen, ob Erneuerung nötig ist"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Enables FAST"
msgstr "Aktiviert FAST"
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Selects the principal to use for FAST"
msgstr "Wählt den für FAST zu verwendenden Principal aus"
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Enables principal canonicalization"
msgstr "Aktiviert Kanonisierung des Principals"
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Enables enterprise principals"
msgstr "Enterprise-Principals aktivieren"
#: src/config/SSSDConfig/__init__.py.in:220
-#: src/config/SSSDConfig/__init__.py.in:221
+msgid "A mapping from user names to kerberos principal names"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"Server, auf dem der Dienst zum Ändern des Passworts läuft, falls nicht KDC"
-#: src/config/SSSDConfig/__init__.py.in:224
+#: src/config/SSSDConfig/__init__.py.in:227
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, die URI des LDAP-Servers"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr "ldap_backup_uri, die URI des LDAP-Servers"
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "The default base DN"
msgstr "Vorgegebene Basis-DN"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Der vom LDAP-Server verwendete Schema-Typ gemäß RFC2307"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "The default bind DN"
msgstr "Vorgegebene Bind-DN"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "The type of the authentication token of the default bind DN"
msgstr "Typ des Authentifizierungs-Tokens der vorgegebenen Bind-DN"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "The authentication token of the default bind DN"
msgstr "Authentifizierungs-Token für die vorgegebene Bind-DN"
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Length of time to attempt connection"
msgstr "Zeitspanne für einen Verbindungsversuch"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Zeitspanne für Versuche zur Ausführung synchroner LDAP-Vorgänge"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
"Zeitspanne zwischen Versuchen zum erneuten Verbindungsaufbau im Offline-Modus"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Use only the upper case for realm names"
msgstr "Nur Großschreibung für Realm-Namen verwenden"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "File that contains CA certificates"
msgstr "Datei, die CA-Zertifikate enthält"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Path to CA certificate directory"
msgstr "Pfad zum CA-Zertifikatverzeichnis"
-#: src/config/SSSDConfig/__init__.py.in:237
+#: src/config/SSSDConfig/__init__.py.in:240
msgid "File that contains the client certificate"
msgstr "Datei, die das Client-Zertifikat enthält"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "File that contains the client key"
msgstr "Datei, die den Client-Schlüssel enthält"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "List of possible ciphers suites"
msgstr "Liste der möglichen Verschlüsselungs-Suites"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "Require TLS certificate verification"
msgstr "TLS-Zertifikatüberprüfung erforderlich machen"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Specify the sasl mechanism to use"
msgstr "Zu verwendenden sasl-Mechanismus angeben"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Specify the sasl authorization id to use"
msgstr "Zu verwendende ID für sasl-Authentifizierung angeben"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "Specify the sasl authorization realm to use"
msgstr "Zu verwendenden Realm für sasl-Authentifizierung angeben"
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr "Gibt den minimalen SSF für die SASL-Authentifizierung über LDAP an"
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Kerberos service keytab"
msgstr "Schlüsseltabelle des Kerberos-Dienstes"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Use Kerberos auth for LDAP connection"
msgstr "Kerberos-Authentifizierung für LDAP-Verbindung verwenden"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Follow LDAP referrals"
msgstr "LDAP-Verweisen folgen"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "Lifetime of TGT for LDAP connection"
msgstr "Lebensdauer von TGT für LDAP-Verbindung"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "How to dereference aliases"
msgstr "Dereferenzierung von Aliasen"
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "Service name for DNS service lookups"
msgstr "Dienstname für DNS-Service-Suchanfragen"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "The number of records to retrieve in a single LDAP query"
msgstr "Anzahl der in einer einzelnen LDAP-Abfrage zu holenden Datensätze"
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
"Anzahl der Elemente, die fehlen müssen, um eine vollständige "
"Dereferenzierung auszulösen"
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
@@ -795,365 +807,365 @@ msgstr ""
"Gibt an, ob die LDAP-Bibliothek eine Rückwärtssuche ausführen soll, um den "
"Rechnernamen während einer SASL-Bindung zu kanonisieren"
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "entryUSN attribute"
msgstr "entryUSN-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "lastUSN attribute"
msgstr "lastUSN-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
"Zeitspanne zum Halten einer Verbindung zum LDAP-Server, bis diese "
"unterbrochen wird"
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "Disable the LDAP paging control"
msgstr "LDAP-Paging-Steuerung deaktivieren"
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Disable Active Directory range retrieval"
msgstr "Bereichsermittlung für Active Directory deaktivieren"
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "Length of time to wait for a search request"
msgstr "Zeitspanne zum Warten auf eine Suchanfrage"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Length of time to wait for a enumeration request"
msgstr "Zeitspanne zum Warten auf eine Auflistungsanfrage"
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Length of time between enumeration updates"
msgstr "Zeitspanne zwischen Auflistungsanfragen"
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "Length of time between cache cleanups"
msgstr "Zeitspanne zwischen den Leerungen des Zwischenspeichers"
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Require TLS for ID lookups"
msgstr "TLS für ID-Suchvorgänge erforderlich machen"
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr "ID-Zuweisung von objectSID anstelle von voreingestellten IDs verwenden"
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Base DN for user lookups"
msgstr "Basis-DN für Benutzer-Suchanfragen"
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Scope of user lookups"
msgstr "Bereich für Benutzer-Suchanfragen"
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Filter for user lookups"
msgstr "Filter für Benutzer-Suchanfragen"
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for users"
msgstr "Objektklasse für Benutzer"
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Username attribute"
msgstr "Benutzername-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "UID attribute"
msgstr "UID-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Primary GID attribute"
msgstr "Primäres GID-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "GECOS attribute"
msgstr "GECOS-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Home directory attribute"
msgstr "Home-Verzeichnis-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Shell attribute"
msgstr "Shell-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
#, fuzzy
msgid "UUID attribute"
msgstr "UID-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:282
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "objectSID attribute"
msgstr "objectSID -Attribut"
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Active Directory primary group attribute for ID-mapping"
msgstr "Active-Directory-Primärgruppen-Attribut für ID-Zuweisung"
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "User principal attribute (for Kerberos)"
msgstr "Principal-Attribut verwenden (für Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Full Name"
msgstr "Vollständiger Name"
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "memberOf attribute"
msgstr "memberOf-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Modification time attribute"
msgstr "Änderungszeit-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "shadowLastChange attribute"
msgstr "shadowLastChange-attribut"
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "shadowMin attribute"
msgstr "shadowMin-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "shadowMax attribute"
msgstr "shadowMax Attribut"
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "shadowWarning attribute"
msgstr "shadowWarning-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "shadowInactive attribute"
msgstr "shadowInactive-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "shadowExpire attribute"
msgstr "shadowExpire-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "shadowFlag attribute"
msgstr "shadowFlag-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Attribute listing authorized PAM services"
msgstr "Attribut, welches die autorisierten PAM-Dienste auflistet"
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Attribute listing authorized server hosts"
msgstr "Attribut, welches die autorisierten Server-Hosts auflistet"
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "krbLastPwdChange attribute"
msgstr "krbLastPwdChange-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:299
+#: src/config/SSSDConfig/__init__.py.in:302
msgid "krbPasswordExpiration attribute"
msgstr "krbPasswordExpiration-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Attribute indicating that server side password policies are active"
msgstr ""
"Attribut, welches angibt, dass die serverseitigen Passwortregeln aktiv sind"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "accountExpires attribute of AD"
msgstr "accountExpires-Attribut von AD"
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "userAccountControl attribute of AD"
msgstr "userAccountControl-Attribut von AD"
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "nsAccountLock attribute"
msgstr "nsAccountLock-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "loginDisabled attribute of NDS"
msgstr "loginDisabled-Attribut von NDS"
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "loginExpirationTime attribute of NDS"
msgstr "loginExpirationTime-Attribut von NDS"
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "loginAllowedTimeMap attribute of NDS"
msgstr "loginAllowedTimeMap-Attribut von NDS"
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "SSH public key attribute"
msgstr "Attribut für öffentlichen SSH-Schlüssel"
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "A list of extra attributes to download along with the user entry"
msgstr ""
"Eine Liste der zusätzlich herunterzuladender Attribute zusammen mit dem "
"Benutzereintrag"
-#: src/config/SSSDConfig/__init__.py.in:310
+#: src/config/SSSDConfig/__init__.py.in:313
msgid "Base DN for group lookups"
msgstr "Basis-DN für Gruppen-Suchanfragen"
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Objectclass for groups"
msgstr "Objektklasse für Gruppen"
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Group name"
msgstr "Gruppenname"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Group password"
msgstr "Gruppenpasswort"
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "GID attribute"
msgstr "Gruppen-ID-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "Group member attribute"
msgstr "Gruppen-Mitgliedschafts-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
#, fuzzy
msgid "Group UUID attribute"
msgstr "UID-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Modification time attribute for groups"
msgstr "Änderungszeit-Attribut für Gruppen"
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Type of the group and other flags"
msgstr "Typ der Gruppe und weitere Flags"
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Maximum nesting level SSSd will follow"
msgstr "Maximale Ebene der Verschachtelung, der SSSd folgt"
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for netgroup lookups"
msgstr "Basis-DN für Netzgruppen-Suchanfragen"
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Objectclass for netgroups"
msgstr "Objektklasse für Netzgruppen"
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Netgroup name"
msgstr "Netzgruppenname"
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Netgroups members attribute"
msgstr "Netzgruppen-Mitglieder-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Netgroup triple attribute"
msgstr "Netzgruppen-Tripel-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Modification time attribute for netgroups"
msgstr "Änderungszeit-Attribut für Netzgruppen"
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid "Base DN for service lookups"
msgstr "Basis-DN für Dienste-Suchanfragen"
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Objectclass for services"
msgstr "Objektklasse für Dienste"
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Service name attribute"
msgstr "Name-Attribut des Dienstes"
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Service port attribute"
msgstr "Port-Attribut des Dienstes"
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Service protocol attribute"
msgstr "Protokoll-Attribut des Dienstes"
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Lower bound for ID-mapping"
msgstr "Untere Grenze für ID-Zuweisung"
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Upper bound for ID-mapping"
msgstr "Obere Grenze für ID-Zuweisung"
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Number of IDs for each slice when ID-mapping"
msgstr "Anzahl der IDs für jeden Teil bei der ID-Zuweisung"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr "autorid-kompatiblen Algorithmus für ID-Zuweisung verwenden"
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Name of the default domain for ID-mapping"
msgstr "Name der Vorgabe-Domain für ID-Zuweisung"
-#: src/config/SSSDConfig/__init__.py.in:344
+#: src/config/SSSDConfig/__init__.py.in:347
msgid "SID of the default domain for ID-mapping"
msgstr "SID der Vorgabedomain für ID-Zuweisung"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr "LDAP_MATCHING_RULE_IN_CHAIN für Gruppen-Suchanfragen verwenden"
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr "LDAP_MATCHING_RULE_IN_CHAIN für initgroup-Suchanfragen verwenden"
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Whether to use Token-Groups"
msgstr "Verwendung von Token-Gruppen"
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Set lower boundary for allowed IDs from the LDAP server"
msgstr "Untere Grenze für zulässige IDs des LDAP-Servers angeben"
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Set upper boundary for allowed IDs from the LDAP server"
msgstr "Obere Grenze für zulässige IDs des LDAP-Servers angeben"
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "DN for ppolicy queries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Policy to evaluate the password expiration"
msgstr "Regel zum Ermitteln der Ablaufzeit des Passworts"
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
"Attribute, die bei der Ermittlung verwendet werden, ob ein Konto abgelaufen "
"ist"
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Which rules should be used to evaluate access control"
msgstr "Regeln für die Ermittlung der Zugriffskontrolle"
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "URI of an LDAP server where password changes are allowed"
msgstr "URI eines LDAP-Servers, wo Passwortänderungen zulässig sind"
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr "URI eines Ersatz-LDAP-Servers, wo Passwortänderungen zulässig sind"
-#: src/config/SSSDConfig/__init__.py.in:364
+#: src/config/SSSDConfig/__init__.py.in:367
msgid "DNS service name for LDAP password change server"
msgstr "DNS-Dienstname für den LDAP-Passwortänderungsserver"
-#: src/config/SSSDConfig/__init__.py.in:365
+#: src/config/SSSDConfig/__init__.py.in:368
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
@@ -1161,25 +1173,25 @@ msgstr ""
"Gibt an, ob das Attribut ldap_user_shadow_last_change nach einer "
"Passwortänderung aktualisiert werden soll"
-#: src/config/SSSDConfig/__init__.py.in:368
+#: src/config/SSSDConfig/__init__.py.in:371
msgid "Base DN for sudo rules lookups"
msgstr "Basis-DN für Suchanfragen nach Sudo-Regeln"
-#: src/config/SSSDConfig/__init__.py.in:369
+#: src/config/SSSDConfig/__init__.py.in:372
msgid "Automatic full refresh period"
msgstr "Periode für automatische vollständige Aktualisierung"
-#: src/config/SSSDConfig/__init__.py.in:370
+#: src/config/SSSDConfig/__init__.py.in:373
msgid "Automatic smart refresh period"
msgstr "Periode für bedingte vollständige Aktualisierung"
-#: src/config/SSSDConfig/__init__.py.in:371
+#: src/config/SSSDConfig/__init__.py.in:374
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
"Gibt an, ob Regeln nach Hostnamen, IP-Adressen oder Netzwerken gefiltert "
"werden sollen"
-#: src/config/SSSDConfig/__init__.py.in:372
+#: src/config/SSSDConfig/__init__.py.in:375
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
@@ -1187,124 +1199,124 @@ msgstr ""
"Hostnamen und/oder voll ausgeschriebene Domain-Namen dieses Rechners zum "
"Filtern von Sudo-Regeln"
-#: src/config/SSSDConfig/__init__.py.in:373
+#: src/config/SSSDConfig/__init__.py.in:376
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
"IPv4- oder IPv6-Adressen oder Netzwerk dieses Rechners zum Filtern von sudo-"
"Regeln"
-#: src/config/SSSDConfig/__init__.py.in:374
+#: src/config/SSSDConfig/__init__.py.in:377
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
"Gibt an, ob Regeln im Host-Attribut einbezogen werden sollen, die "
"Netzgruppen enthalten"
-#: src/config/SSSDConfig/__init__.py.in:375
+#: src/config/SSSDConfig/__init__.py.in:378
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
"Gibt an, ob Regeln im Host-Attribut einbezogen werden sollen, die reguläre "
"Ausdrücke enthalten"
-#: src/config/SSSDConfig/__init__.py.in:376
+#: src/config/SSSDConfig/__init__.py.in:379
msgid "Object class for sudo rules"
msgstr "Objektklasse für Sudo-Regeln"
-#: src/config/SSSDConfig/__init__.py.in:377
+#: src/config/SSSDConfig/__init__.py.in:380
msgid "Sudo rule name"
msgstr "Sudo-Regelname"
-#: src/config/SSSDConfig/__init__.py.in:378
+#: src/config/SSSDConfig/__init__.py.in:381
msgid "Sudo rule command attribute"
msgstr "Befehlsattribut der Sudo-Regel"
-#: src/config/SSSDConfig/__init__.py.in:379
+#: src/config/SSSDConfig/__init__.py.in:382
msgid "Sudo rule host attribute"
msgstr "Host-Attribut der Sudo-Regel"
-#: src/config/SSSDConfig/__init__.py.in:380
+#: src/config/SSSDConfig/__init__.py.in:383
msgid "Sudo rule user attribute"
msgstr "Benutzer-Attribut der Sudo-Regel"
-#: src/config/SSSDConfig/__init__.py.in:381
+#: src/config/SSSDConfig/__init__.py.in:384
msgid "Sudo rule option attribute"
msgstr "Optionsattribut der Sudo-Regel"
-#: src/config/SSSDConfig/__init__.py.in:382
+#: src/config/SSSDConfig/__init__.py.in:385
msgid "Sudo rule runas attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:383
+#: src/config/SSSDConfig/__init__.py.in:386
msgid "Sudo rule runasuser attribute"
msgstr "runasuser-Attribut der Sudo-Regel"
-#: src/config/SSSDConfig/__init__.py.in:384
+#: src/config/SSSDConfig/__init__.py.in:387
msgid "Sudo rule runasgroup attribute"
msgstr "runasgroup-Attribut der Sudo-Regel"
-#: src/config/SSSDConfig/__init__.py.in:385
+#: src/config/SSSDConfig/__init__.py.in:388
msgid "Sudo rule notbefore attribute"
msgstr "notbefore-Attribut der Sudo-Regel"
-#: src/config/SSSDConfig/__init__.py.in:386
+#: src/config/SSSDConfig/__init__.py.in:389
msgid "Sudo rule notafter attribute"
msgstr "notafter-Attribut der sudo-Regel"
-#: src/config/SSSDConfig/__init__.py.in:387
+#: src/config/SSSDConfig/__init__.py.in:390
msgid "Sudo rule order attribute"
msgstr "Reihenfolge-Attribut der Sudo-Regel"
-#: src/config/SSSDConfig/__init__.py.in:390
+#: src/config/SSSDConfig/__init__.py.in:393
msgid "Object class for automounter maps"
msgstr "Objektklasse für Automounter-Zuweisungen"
-#: src/config/SSSDConfig/__init__.py.in:391
+#: src/config/SSSDConfig/__init__.py.in:394
msgid "Automounter map name attribute"
msgstr "Name-Attribut der Automounter-Zuweisung"
-#: src/config/SSSDConfig/__init__.py.in:392
+#: src/config/SSSDConfig/__init__.py.in:395
msgid "Object class for automounter map entries"
msgstr "Objektklasse für Einträge von Automounter-Zuweisungen"
-#: src/config/SSSDConfig/__init__.py.in:393
+#: src/config/SSSDConfig/__init__.py.in:396
msgid "Automounter map entry key attribute"
msgstr "Schlüssel-Attribut des Automounter-Zuweisungseintrags"
-#: src/config/SSSDConfig/__init__.py.in:394
+#: src/config/SSSDConfig/__init__.py.in:397
msgid "Automounter map entry value attribute"
msgstr "Wert-Attribut des Automounter-Zuweisungseintrags"
-#: src/config/SSSDConfig/__init__.py.in:395
+#: src/config/SSSDConfig/__init__.py.in:398
msgid "Base DN for automounter map lookups"
msgstr "Basis-DN für Suchanfragen nach Automounter-Zuweisungen"
-#: src/config/SSSDConfig/__init__.py.in:398
+#: src/config/SSSDConfig/__init__.py.in:401
msgid "Comma separated list of allowed users"
msgstr "Durch Kommata getrennte Liste der erlaubten Benutzer"
-#: src/config/SSSDConfig/__init__.py.in:399
+#: src/config/SSSDConfig/__init__.py.in:402
msgid "Comma separated list of prohibited users"
msgstr "Durch Kommata getrennte Liste der verbotenen Benutzer"
-#: src/config/SSSDConfig/__init__.py.in:402
+#: src/config/SSSDConfig/__init__.py.in:405
msgid "Default shell, /bin/bash"
msgstr "Vorgabeshell, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:403
+#: src/config/SSSDConfig/__init__.py.in:406
msgid "Base for home directories"
msgstr "Wurzel für Benutzerverzeichnisse"
-#: src/config/SSSDConfig/__init__.py.in:406
+#: src/config/SSSDConfig/__init__.py.in:409
msgid "The name of the NSS library to use"
msgstr "Name der zu verwendenden NSS-Bibliothek"
-#: src/config/SSSDConfig/__init__.py.in:407
+#: src/config/SSSDConfig/__init__.py.in:410
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
"Gibt an, ob wenn möglich im Zwischenspeicher nach dem kanonischen "
"Gruppennamen gesucht werden soll"
-#: src/config/SSSDConfig/__init__.py.in:410
+#: src/config/SSSDConfig/__init__.py.in:413
msgid "PAM stack to use"
msgstr "Zu verwendender PAM-Stapel"
@@ -1324,26 +1336,26 @@ msgstr "Angabe einer nicht standardmäßigen Konfigurationsdatei"
msgid "Print version number and exit"
msgstr "Versionsnummer ausgeben und das Programm beenden"
-#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:589
+#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:609
#: src/util/util.h:108
msgid "Debug level"
msgstr "Fehlerdiagnosestufe"
-#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:591
+#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:611
#: src/util/util.h:114
msgid "Add debug timestamps"
msgstr "Debug-Zeitstempel hinzufügen"
-#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:593
+#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:613
#: src/util/util.h:116
msgid "Show timestamps with microseconds"
msgstr "Zeitstempel mit Mikrosekunden anzeigen"
-#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:595
+#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:615
msgid "An open file descriptor for the debug logs"
msgstr "Offener Dateideskriptor für die Debug-Protokolle"
-#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:597
+#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:617
#: src/util/util.h:112
msgid "Send the debug output to stderr directly."
msgstr ""
@@ -1356,71 +1368,80 @@ msgstr ""
msgid "The group to create FAST ccache as"
msgstr ""
-#: src/providers/data_provider_be.c:2833
+#: src/providers/data_provider_be.c:2834
msgid "Domain of the information provider (mandatory)"
msgstr "Domain des Informationsanbieters (obligatorisch)"
-#: src/sss_client/common.c:969
+#: src/sss_client/common.c:971
msgid "Privileged socket has wrong ownership or permissions."
msgstr "Privilegierter Socket hat falsche Eigentums- oder Zugriffsrechte."
-#: src/sss_client/common.c:972
+#: src/sss_client/common.c:974
msgid "Public socket has wrong ownership or permissions."
msgstr "Öffentlicher Socket hat falsche Eigentums- oder Zugriffsrechte."
-#: src/sss_client/common.c:975
+#: src/sss_client/common.c:977
msgid "Unexpected format of the server credential message."
msgstr "Unerwartetes Format der Server-Anmeldenachricht."
-#: src/sss_client/common.c:978
+#: src/sss_client/common.c:980
msgid "SSSD is not run by root."
msgstr "SSSD wird nicht durch Root ausgeführt."
-#: src/sss_client/common.c:983
+#: src/sss_client/common.c:985
msgid "An error occurred, but no description can be found."
msgstr ""
"Ein Fehler ist aufgetreten, aber es kann keine Beschreibung gefunden werden."
-#: src/sss_client/common.c:989
+#: src/sss_client/common.c:991
msgid "Unexpected error while looking for an error description"
msgstr "Unerwarteter Fehler beim Suchen nach einer Fehlerbeschreibung"
-#: src/sss_client/pam_sss.c:398
+#: src/sss_client/pam_sss.c:63
+msgid "Permission denied. "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:64 src/sss_client/pam_sss.c:883
+#: src/sss_client/pam_sss.c:894
+msgid "Server message: "
+msgstr "Server-Meldung: "
+
+#: src/sss_client/pam_sss.c:401
msgid "Passwords do not match"
msgstr "Passwörter stimmen nicht überein"
-#: src/sss_client/pam_sss.c:586
+#: src/sss_client/pam_sss.c:589
msgid "Password reset by root is not supported."
msgstr "Das Zurücksetzen des Passworts durch Root wird nicht unterstützt."
-#: src/sss_client/pam_sss.c:627
+#: src/sss_client/pam_sss.c:630
msgid "Authenticated with cached credentials"
msgstr "Authentifiziert mit zwischengespeicherten Anmeldedaten"
-#: src/sss_client/pam_sss.c:628
+#: src/sss_client/pam_sss.c:631
msgid ", your cached password will expire at: "
msgstr ", Ihr zwischengespeichertes Passwort läuft ab am: "
-#: src/sss_client/pam_sss.c:658
+#: src/sss_client/pam_sss.c:661
#, c-format
msgid "Your password has expired. You have %1$d grace login(s) remaining."
msgstr ""
"Ihr Passwort ist abgelaufen. Ihnen verbleiben nur noch %1$d Anmeldungen."
-#: src/sss_client/pam_sss.c:704
+#: src/sss_client/pam_sss.c:707
#, c-format
msgid "Your password will expire in %1$d %2$s."
msgstr "Ihr Passwort wird in %1$d %2$s ablaufen."
-#: src/sss_client/pam_sss.c:753
+#: src/sss_client/pam_sss.c:756
msgid "Authentication is denied until: "
msgstr "Authentifizierung wird verweigert bis: "
-#: src/sss_client/pam_sss.c:774
+#: src/sss_client/pam_sss.c:777
msgid "System is offline, password change not possible"
msgstr "System ist offline, Änderung des Passworts ist nicht möglich"
-#: src/sss_client/pam_sss.c:789
+#: src/sss_client/pam_sss.c:792
msgid ""
"After changing the OTP password, you need to log out and back in order to "
"acquire a ticket"
@@ -1428,31 +1449,27 @@ msgstr ""
"Nach dem Ändern des OTP-Passworts müssen Sie sich ab- und wieder anmelden, "
"um ein Ticket erhalten zu können"
-#: src/sss_client/pam_sss.c:820 src/sss_client/pam_sss.c:833
+#: src/sss_client/pam_sss.c:880 src/sss_client/pam_sss.c:893
msgid "Password change failed. "
msgstr "Änderung des Passworts fehlgeschlagen. "
-#: src/sss_client/pam_sss.c:823 src/sss_client/pam_sss.c:834
-msgid "Server message: "
-msgstr "Server-Meldung: "
-
-#: src/sss_client/pam_sss.c:1274
+#: src/sss_client/pam_sss.c:1336
msgid "New Password: "
msgstr "Neues Passwort: "
-#: src/sss_client/pam_sss.c:1275
+#: src/sss_client/pam_sss.c:1337
msgid "Reenter new Password: "
msgstr "Neues Passwort wiederholen: "
-#: src/sss_client/pam_sss.c:1374
+#: src/sss_client/pam_sss.c:1436
msgid "Password: "
msgstr "Passwort: "
-#: src/sss_client/pam_sss.c:1406
+#: src/sss_client/pam_sss.c:1468
msgid "Current Password: "
msgstr "Aktuelles Passwort: "
-#: src/sss_client/pam_sss.c:1582
+#: src/sss_client/pam_sss.c:1644
msgid "Password expired. Change your password now."
msgstr "Passwort ist abgelaufen. Ändern Sie Ihr Passwort jetzt."
diff --git a/po/es.po b/po/es.po
index 44a028461..4709d4d67 100644
--- a/po/es.po
+++ b/po/es.po
@@ -16,7 +16,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2015-02-18 16:53+0100\n"
+"POT-Creation-Date: 2015-06-12 10:37+0200\n"
"PO-Revision-Date: 2014-06-04 02:04-0400\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Spanish (http://www.transifex.com/projects/p/sssd/language/"
@@ -26,7 +26,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#: src/config/SSSDConfig/__init__.py.in:43
msgid "Set the verbosity of the debug logging"
@@ -120,7 +120,7 @@ msgstr ""
"Tiempo máximo (segundos) de la entrada de caché a actualizar en segundo plano"
#: src/config/SSSDConfig/__init__.py.in:67
-#: src/config/SSSDConfig/__init__.py.in:96
+#: src/config/SSSDConfig/__init__.py.in:97
msgid "Negative cache timeout length (seconds)"
msgstr "Tiempo máximo negativo del cache (segundos)"
@@ -225,548 +225,560 @@ msgstr ""
msgid "List of domains accessible even for untrusted users."
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:93
+#: src/config/SSSDConfig/__init__.py.in:91
+msgid "Message printed when user account is expired."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:94
msgid "Whether to evaluate the time-based attributes in sudo rules"
msgstr "Ya sea para evaluar los atributos basados en el tiempo en reglas sudo"
-#: src/config/SSSDConfig/__init__.py.in:99
+#: src/config/SSSDConfig/__init__.py.in:100
msgid "Whether to hash host names and addresses in the known_hosts file"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:100
+#: src/config/SSSDConfig/__init__.py.in:101
msgid ""
"How many seconds to keep a host in the known_hosts file after its host keys "
"were requested"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:103
+#: src/config/SSSDConfig/__init__.py.in:104
msgid "List of UIDs or user names allowed to access the PAC responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:106
+#: src/config/SSSDConfig/__init__.py.in:107
msgid "List of UIDs or user names allowed to access the InfoPipe responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:107
+#: src/config/SSSDConfig/__init__.py.in:108
msgid "List of user attributes the InfoPipe is allowed to publish"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:110
+#: src/config/SSSDConfig/__init__.py.in:111
msgid "Identity provider"
msgstr "Proveedor de identidad"
-#: src/config/SSSDConfig/__init__.py.in:111
+#: src/config/SSSDConfig/__init__.py.in:112
msgid "Authentication provider"
msgstr "Proveedor de Autenticación"
-#: src/config/SSSDConfig/__init__.py.in:112
+#: src/config/SSSDConfig/__init__.py.in:113
msgid "Access control provider"
msgstr "Proveedor de control de acceso"
-#: src/config/SSSDConfig/__init__.py.in:113
+#: src/config/SSSDConfig/__init__.py.in:114
msgid "Password change provider"
msgstr "Proveedor de cambio de contraseña"
-#: src/config/SSSDConfig/__init__.py.in:114
+#: src/config/SSSDConfig/__init__.py.in:115
msgid "SUDO provider"
msgstr "Proveedor de SUDO"
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid "Autofs provider"
msgstr "Proveedor de Autofs"
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "Session-loading provider"
msgstr "Suministrador de carga de sesión"
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "Host identity provider"
msgstr "Suministrador de identidad de host"
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Minimum user ID"
msgstr "ID mínimo de usuario"
-#: src/config/SSSDConfig/__init__.py.in:121
+#: src/config/SSSDConfig/__init__.py.in:122
msgid "Maximum user ID"
msgstr "ID máximo de usuario"
-#: src/config/SSSDConfig/__init__.py.in:122
+#: src/config/SSSDConfig/__init__.py.in:123
msgid "Enable enumerating all users/groups"
msgstr "Habilitar la enumeración de todos los usuarios/grupos"
-#: src/config/SSSDConfig/__init__.py.in:123
+#: src/config/SSSDConfig/__init__.py.in:124
msgid "Cache credentials for offline login"
msgstr "Hacer caché de las credenciales para ingresos fuera de línea"
-#: src/config/SSSDConfig/__init__.py.in:124
+#: src/config/SSSDConfig/__init__.py.in:125
msgid "Store password hashes"
msgstr "Guardar los hashes de la contraseña"
-#: src/config/SSSDConfig/__init__.py.in:125
+#: src/config/SSSDConfig/__init__.py.in:126
msgid "Display users/groups in fully-qualified form"
msgstr "Mostrar los usuarios/grupos en un formato completamente calificado"
-#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Don't include group members in group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:127
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:128
#: src/config/SSSDConfig/__init__.py.in:135
#: src/config/SSSDConfig/__init__.py.in:136
#: src/config/SSSDConfig/__init__.py.in:137
#: src/config/SSSDConfig/__init__.py.in:138
#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Entry cache timeout length (seconds)"
msgstr "Tiempo máximo de una entrada del caché (segundos)"
-#: src/config/SSSDConfig/__init__.py.in:128
+#: src/config/SSSDConfig/__init__.py.in:129
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
"Restringir o preferir una familia de direcciones específica, cuando se "
"realicen búsquedas DNS"
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "How long to keep cached entries after last successful login (days)"
msgstr "Por cuánto tiempo permitir ingresos cacheados luego del último (días)"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
"Cantidad de tiempo (en segundos) a esperar respuestas desde DNS cuando se "
"estén resolviendo servidores"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "The domain part of service discovery DNS query"
msgstr "La sección del dominio de la consulta para descubrir servicios DNS"
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Override GID value from the identity provider with this value"
msgstr "Sustituye valor GID del proveedor de la identidad con este valor"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Treat usernames as case sensitive"
msgstr "Trate al nombre de usuario con mayúsculas y minúsculas"
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "How often should expired entries be refreshed in background"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:142
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:143
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:143
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
"La interfaz cuya IP debería ser utilizada para actualizaciones DNS "
"automáticas"
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "How often to periodically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Whether the nsupdate utility should default to using TCP"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Control enumeration of trusted domains"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "How often should subdomains list be refreshed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:151
+msgid "List of options that should be inherited into a subdomain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "IPA domain"
msgstr "Dominio IPA"
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "IPA server address"
msgstr "Dirección del servidor IPA"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "IPA client hostname"
msgstr "Nombre de equipo del cliente IPA"
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
"Si actualizar o no en forma automática la entrada DNS del cliente en FreeIPA"
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Search base for HBAC related objects"
msgstr "Búsqueda base para objetos HBAC"
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:162
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
"Cantidad de tiempo entre búsquedas de reglas HBAC contra el servidor IPA"
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:163
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
"Si se encuentran presentes reglas de negación (DENY) o bien se niega todo "
"(DENY_ALL) o se ignora (IGNORE)"
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
"Si se lo define en 'false', será ignorado el argumento de equipo ofrecido "
"por PAM"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "The automounter location this IPA client is using"
msgstr "La ubicación de montaje automático que este cliente de IPA está usando"
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:168
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Search base for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Objectclass for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Attribute with the name of the view"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Objectclass for override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Attribute with the reference to the original object"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Objectclass for user override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Objectclass for group override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:182
-#: src/config/SSSDConfig/__init__.py.in:357
+#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:360
msgid "LDAP filter to determine access privileges"
msgstr "Filtro LDAP para determinar privilegios de acceso"
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Whether to use the Global Catalog for lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Operation mode for GPO-based access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:187
msgid ""
"The amount of time between lookups of the GPO policy files against the AD "
"server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:188
msgid ""
"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy "
"settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid ""
"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight "
"policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid ""
"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid ""
"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid ""
"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "PAM service names for which GPO-based access is always granted"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "PAM service names for which GPO-based access is always denied"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid ""
"Default logon right (or permit/deny) to use for unmapped PAM service names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "a particular site to be used by the client"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Kerberos server address"
msgstr "Dirección del servidor Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "Kerberos realm"
msgstr "Reinado Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Authentication timeout"
msgstr "Expiración de la autenticación"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "Whether to create kdcinfo files"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Where to drop krb5 config snippets"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Directory to store credential caches"
msgstr "Directorio donde almacenar las credenciales cacheadas"
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Location of the user's credential cache"
msgstr "Ubicación del caché de credenciales del usuario"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Location of the keytab to validate credentials"
msgstr "Ubicación de la tabla de claves para validar las credenciales"
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Enable credential validation"
msgstr "Habilitar la validación de credenciales"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Store password if offline for later online authentication"
msgstr ""
"Si se encuentra desconectado, almacena contraseñas para más tarde realizar "
"una autenticación en línea"
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Renewable lifetime of the TGT"
msgstr "ciclo de vida renovable del TGT"
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "Lifetime of the TGT"
msgstr "ciclo de vida del TGT"
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Time between two checks for renewal"
msgstr "tiempo entre dos comprobaciones para renovación "
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Enables FAST"
msgstr "Habilita FAST"
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Selects the principal to use for FAST"
msgstr "Selecciona el principal para su uso por FAST"
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Enables principal canonicalization"
msgstr "Habilita canonicalización principal"
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Enables enterprise principals"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:220
-#: src/config/SSSDConfig/__init__.py.in:221
+msgid "A mapping from user names to kerberos principal names"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"El servidor en donde está ejecutándose el servicio de modificación de "
"contraseña, en caso de no ser KDC. "
-#: src/config/SSSDConfig/__init__.py.in:224
+#: src/config/SSSDConfig/__init__.py.in:227
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, El URI del servidor LDAP"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "The default base DN"
msgstr "DN base predeterminado"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "El Tipo de Esquema a usar en el servidor LDAP, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "The default bind DN"
msgstr "El DN Bind predeterminado"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "The type of the authentication token of the default bind DN"
msgstr "El tipo del token de autenticación del DN bind predeterminado"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "The authentication token of the default bind DN"
msgstr "El token de autenticación del DN bind predeterminado"
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Length of time to attempt connection"
msgstr "Tiempo durante el que se intentará la conexión"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Tiempo durante el que se intentará operaciones LDAP sincrónicas"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Length of time between attempts to reconnect while offline"
msgstr "Tiempo entre intentos de reconexión cuando esté fuera de línea"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Use only the upper case for realm names"
msgstr "Use solo el caso superior para nombres reales"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "File that contains CA certificates"
msgstr "Archivo que contiene los certificados CA"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Path to CA certificate directory"
msgstr "Ruta hacia un directorio certificado CA"
-#: src/config/SSSDConfig/__init__.py.in:237
+#: src/config/SSSDConfig/__init__.py.in:240
msgid "File that contains the client certificate"
msgstr "Fichero que contiene el certificado de cliente"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "File that contains the client key"
msgstr "Fichero que contiene la llave de cliente"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "List of possible ciphers suites"
msgstr "Lista de posibles suites de cifrado"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "Require TLS certificate verification"
msgstr "Requiere la verificación de certificado TLS"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Specify the sasl mechanism to use"
msgstr "Especificar el mecanismo sasl a usar"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Specify the sasl authorization id to use"
msgstr "Especifique el id de autorización sasl a usar"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "Specify the sasl authorization realm to use"
msgstr "Especifica el reinado de autorización sasl a ser utilizado"
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr "Especificar los SSF mínimos para autorizaciones sasl de LDAP"
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Kerberos service keytab"
msgstr "Tabla de clave del servicio Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Use Kerberos auth for LDAP connection"
msgstr "Usar auth Kerberos para la conexión LDAP"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Follow LDAP referrals"
msgstr "Seguir referencias LDAP"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "Lifetime of TGT for LDAP connection"
msgstr "Período de vida del TGT para la conexión LDAP"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "How to dereference aliases"
msgstr "Como eliminar aliases"
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "Service name for DNS service lookups"
msgstr "Nombre de servicio para busquedas de servicios DNS"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "The number of records to retrieve in a single LDAP query"
msgstr "La cantidad de registros a ser obtenidos en una única consulta LDAP"
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
"La cantidad de miembros que deben faltar para desencadenar una deref completa"
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
@@ -774,503 +786,503 @@ msgstr ""
"Si la Biblioteca LDAP debería realizar una búsqueda inversa para "
"canonicalizar el nombre del host durante un enlace SASL"
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "entryUSN attribute"
msgstr "atributo entryUSN"
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "lastUSN attribute"
msgstr "atributo lastUSN"
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
"El período de tiempo máximo para retener una conexión con el servidor LDAP "
"antes de desconectar"
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "Disable the LDAP paging control"
msgstr "Deshabilita el control de paginación LDAP"
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Disable Active Directory range retrieval"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "Length of time to wait for a search request"
msgstr "Tiempo máximo a esperar un pedido de búsqueda"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Length of time to wait for a enumeration request"
msgstr "periodo de espera para solicitud de enumeración"
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Length of time between enumeration updates"
msgstr "Tiempo en segundos entre las actualizaciones de enumeración"
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "Length of time between cache cleanups"
msgstr "periodo de tiempo entre borrados de la caché"
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Require TLS for ID lookups"
msgstr "Requiere TLS para búsquedas de ID"
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Base DN for user lookups"
msgstr "DN base para búsquedas de usuario"
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Scope of user lookups"
msgstr "Ambito de las búsquedas del usuario"
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Filter for user lookups"
msgstr "Filtro para las búsquedas del usuario"
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for users"
msgstr "Objectclass para los usuarios"
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Username attribute"
msgstr "Atributo Username"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "UID attribute"
msgstr "Atributo UID"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Primary GID attribute"
msgstr "Atributo GID primario"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "GECOS attribute"
msgstr "Atributo GECOS"
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Home directory attribute"
msgstr "Atributo Directorio de inicio"
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Shell attribute"
msgstr "Atributo shell"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
#, fuzzy
msgid "UUID attribute"
msgstr "Atributo UID"
-#: src/config/SSSDConfig/__init__.py.in:282
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "User principal attribute (for Kerberos)"
msgstr "Atributo principal del usuario (para Kerberos) "
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Full Name"
msgstr "Nombre completo"
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "memberOf attribute"
msgstr "Atributo memberOf"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Modification time attribute"
msgstr "Atributo hora de modificación"
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "shadowLastChange attribute"
msgstr "atributo shadowLastChange"
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "shadowMin attribute"
msgstr "atributo shadowMin "
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "shadowMax attribute"
msgstr "atributo shadowMax"
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "shadowWarning attribute"
msgstr "atributo shadowWarning "
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "shadowInactive attribute"
msgstr "atributo shadowInactive "
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "shadowExpire attribute"
msgstr "atributo shadowExpire"
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "shadowFlag attribute"
msgstr "atributo shadowFlag "
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Attribute listing authorized PAM services"
msgstr "listado de atributos de servicios PAM autorizados"
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Attribute listing authorized server hosts"
msgstr "Atributo de listado de equipos de servidor autorizados"
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "krbLastPwdChange attribute"
msgstr "atributo krbLastPwdChange "
-#: src/config/SSSDConfig/__init__.py.in:299
+#: src/config/SSSDConfig/__init__.py.in:302
msgid "krbPasswordExpiration attribute"
msgstr "atributo krbPasswordExpiration "
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Attribute indicating that server side password policies are active"
msgstr ""
"atributo indicando que las políticas de contraseña del lado del servidor "
"están activas"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "accountExpires attribute of AD"
msgstr "atributo accountExpires de AD"
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "userAccountControl attribute of AD"
msgstr "atributo userAccountControl de AD"
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "nsAccountLock attribute"
msgstr "atributo nsAccountLock "
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "loginDisabled attribute of NDS"
msgstr "loginDisabled atributo de NDS"
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "loginExpirationTime attribute of NDS"
msgstr "loginExpirationTime atributo de NDS"
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "loginAllowedTimeMap attribute of NDS"
msgstr "loginAllowedTimeMap atributo de NDS"
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "SSH public key attribute"
msgstr "Atributo de clave pública SSH"
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "A list of extra attributes to download along with the user entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:310
+#: src/config/SSSDConfig/__init__.py.in:313
msgid "Base DN for group lookups"
msgstr "DN base para busqueda de grupos"
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Objectclass for groups"
msgstr "clase objeto para"
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Group name"
msgstr "Nombre del grupo"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Group password"
msgstr "Contraseña del grupo"
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "GID attribute"
msgstr "Atributo GID"
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "Group member attribute"
msgstr "Atributo de miembro del grupo"
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
#, fuzzy
msgid "Group UUID attribute"
msgstr "Atributo UID"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Modification time attribute for groups"
msgstr "Atributo de modificación de tiempo para los grupos"
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Type of the group and other flags"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Maximum nesting level SSSd will follow"
msgstr "A continuación, nivel SSSD de anidado máximo"
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for netgroup lookups"
msgstr "DN base para búsquedas de grupos de red"
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Objectclass for netgroups"
msgstr "Clases de objetos para grupos de red"
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Netgroup name"
msgstr "Nombre de grupo de red"
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Netgroups members attribute"
msgstr "Atributo de miembros de grupos de red"
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Netgroup triple attribute"
msgstr "Atributo triple de grupo de red"
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Modification time attribute for netgroups"
msgstr "Atributo de modificación de tiempo para grupos de red"
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid "Base DN for service lookups"
msgstr "Base DN para servicio de búsquedas"
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Objectclass for services"
msgstr "Clase de objeto para servicio"
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Service name attribute"
msgstr "Atributo de nombre de servicio"
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Service port attribute"
msgstr "Atributo de puerto de servicio"
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Service protocol attribute"
msgstr "Atributo de protocolo de servidor"
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:344
+#: src/config/SSSDConfig/__init__.py.in:347
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Whether to use Token-Groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Set lower boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Set upper boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "DN for ppolicy queries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Policy to evaluate the password expiration"
msgstr "Política para evaluar el vencimiento de la contraseña"
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
"Los atributos que deberán ser utilizados para evaluar si una cuenta ha "
"expirado"
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Which rules should be used to evaluate access control"
msgstr "Las reglas que deberían ser utilizadas para evaluar control de acceso"
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
"URI de un servidor LDAP donde se permite la modificación de contraseñas"
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:364
+#: src/config/SSSDConfig/__init__.py.in:367
msgid "DNS service name for LDAP password change server"
msgstr ""
"Nombre del servicio DNS para el servidor de modificación de contraseñas LDAP"
-#: src/config/SSSDConfig/__init__.py.in:365
+#: src/config/SSSDConfig/__init__.py.in:368
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:368
+#: src/config/SSSDConfig/__init__.py.in:371
msgid "Base DN for sudo rules lookups"
msgstr "Base DN para búsquedas de reglas sudo"
-#: src/config/SSSDConfig/__init__.py.in:369
+#: src/config/SSSDConfig/__init__.py.in:372
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:370
+#: src/config/SSSDConfig/__init__.py.in:373
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:371
+#: src/config/SSSDConfig/__init__.py.in:374
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:372
+#: src/config/SSSDConfig/__init__.py.in:375
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:373
+#: src/config/SSSDConfig/__init__.py.in:376
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:374
+#: src/config/SSSDConfig/__init__.py.in:377
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:375
+#: src/config/SSSDConfig/__init__.py.in:378
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:376
+#: src/config/SSSDConfig/__init__.py.in:379
msgid "Object class for sudo rules"
msgstr "Objeto clase para reglas sudo"
-#: src/config/SSSDConfig/__init__.py.in:377
+#: src/config/SSSDConfig/__init__.py.in:380
msgid "Sudo rule name"
msgstr "Nombre de regla sudo"
-#: src/config/SSSDConfig/__init__.py.in:378
+#: src/config/SSSDConfig/__init__.py.in:381
msgid "Sudo rule command attribute"
msgstr "Atributo de regla de comando sudo"
-#: src/config/SSSDConfig/__init__.py.in:379
+#: src/config/SSSDConfig/__init__.py.in:382
msgid "Sudo rule host attribute"
msgstr "Atributo de la regla host de sudo"
-#: src/config/SSSDConfig/__init__.py.in:380
+#: src/config/SSSDConfig/__init__.py.in:383
msgid "Sudo rule user attribute"
msgstr "Atributo de la regla usuario de sudo"
-#: src/config/SSSDConfig/__init__.py.in:381
+#: src/config/SSSDConfig/__init__.py.in:384
msgid "Sudo rule option attribute"
msgstr "Atributo de la regla opción de sudo"
-#: src/config/SSSDConfig/__init__.py.in:382
+#: src/config/SSSDConfig/__init__.py.in:385
msgid "Sudo rule runas attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:383
+#: src/config/SSSDConfig/__init__.py.in:386
msgid "Sudo rule runasuser attribute"
msgstr "Atributo de la regla suda runasuser"
-#: src/config/SSSDConfig/__init__.py.in:384
+#: src/config/SSSDConfig/__init__.py.in:387
msgid "Sudo rule runasgroup attribute"
msgstr "Atributo de regla runasgroup de sudo"
-#: src/config/SSSDConfig/__init__.py.in:385
+#: src/config/SSSDConfig/__init__.py.in:388
msgid "Sudo rule notbefore attribute"
msgstr "Atributo de regla notbefore de sudo"
-#: src/config/SSSDConfig/__init__.py.in:386
+#: src/config/SSSDConfig/__init__.py.in:389
msgid "Sudo rule notafter attribute"
msgstr "Atributo de regla noafter de sudo"
-#: src/config/SSSDConfig/__init__.py.in:387
+#: src/config/SSSDConfig/__init__.py.in:390
msgid "Sudo rule order attribute"
msgstr "Atributo de regla orden de sudo"
-#: src/config/SSSDConfig/__init__.py.in:390
+#: src/config/SSSDConfig/__init__.py.in:393
msgid "Object class for automounter maps"
msgstr "Objeto clase para mapas automontador"
-#: src/config/SSSDConfig/__init__.py.in:391
+#: src/config/SSSDConfig/__init__.py.in:394
msgid "Automounter map name attribute"
msgstr "Atributo de nombre de mapa de automontador"
-#: src/config/SSSDConfig/__init__.py.in:392
+#: src/config/SSSDConfig/__init__.py.in:395
msgid "Object class for automounter map entries"
msgstr "Objeto clase para entradas de mapa de automontador"
-#: src/config/SSSDConfig/__init__.py.in:393
+#: src/config/SSSDConfig/__init__.py.in:396
msgid "Automounter map entry key attribute"
msgstr "Atributo de clave de entrada para mapa de automontador"
-#: src/config/SSSDConfig/__init__.py.in:394
+#: src/config/SSSDConfig/__init__.py.in:397
msgid "Automounter map entry value attribute"
msgstr "Atributo de valor de entrada para mapa de automontador"
-#: src/config/SSSDConfig/__init__.py.in:395
+#: src/config/SSSDConfig/__init__.py.in:398
msgid "Base DN for automounter map lookups"
msgstr "Base DN para búsquedas de mapa de automontador"
-#: src/config/SSSDConfig/__init__.py.in:398
+#: src/config/SSSDConfig/__init__.py.in:401
msgid "Comma separated list of allowed users"
msgstr "Lista separada por comas de usuarios autorizados"
-#: src/config/SSSDConfig/__init__.py.in:399
+#: src/config/SSSDConfig/__init__.py.in:402
msgid "Comma separated list of prohibited users"
msgstr "Lista separada por comas de usuarios prohibidos"
-#: src/config/SSSDConfig/__init__.py.in:402
+#: src/config/SSSDConfig/__init__.py.in:405
msgid "Default shell, /bin/bash"
msgstr "Shell predeterminado, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:403
+#: src/config/SSSDConfig/__init__.py.in:406
msgid "Base for home directories"
msgstr "Base de los directorios de inicio"
-#: src/config/SSSDConfig/__init__.py.in:406
+#: src/config/SSSDConfig/__init__.py.in:409
msgid "The name of the NSS library to use"
msgstr "Nombre de la biblioteca NSS a usar"
-#: src/config/SSSDConfig/__init__.py.in:407
+#: src/config/SSSDConfig/__init__.py.in:410
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:410
+#: src/config/SSSDConfig/__init__.py.in:413
msgid "PAM stack to use"
msgstr "Pila PAM a usar"
@@ -1290,26 +1302,26 @@ msgstr "Indicar un archivo de configuración diferente al predeterminado"
msgid "Print version number and exit"
msgstr "Muestra el número de versión y finaliza"
-#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:589
+#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:609
#: src/util/util.h:108
msgid "Debug level"
msgstr "Nive de depuración"
-#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:591
+#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:611
#: src/util/util.h:114
msgid "Add debug timestamps"
msgstr "Agregar marcas de tiempo de depuración"
-#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:593
+#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:613
#: src/util/util.h:116
msgid "Show timestamps with microseconds"
msgstr "Mostrar marcas de tiempo con microsegundos"
-#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:595
+#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:615
msgid "An open file descriptor for the debug logs"
msgstr "Un arhivo abierto de descriptor para los registros de depuración"
-#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:597
+#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:617
#: src/util/util.h:112
msgid "Send the debug output to stderr directly."
msgstr ""
@@ -1322,100 +1334,105 @@ msgstr ""
msgid "The group to create FAST ccache as"
msgstr ""
-#: src/providers/data_provider_be.c:2833
+#: src/providers/data_provider_be.c:2834
msgid "Domain of the information provider (mandatory)"
msgstr "Dominio del proveedor de información (obligatorio)"
-#: src/sss_client/common.c:969
+#: src/sss_client/common.c:971
msgid "Privileged socket has wrong ownership or permissions."
msgstr "El zócalo privilegiado posee permisos o pertenencia equivocados."
-#: src/sss_client/common.c:972
+#: src/sss_client/common.c:974
msgid "Public socket has wrong ownership or permissions."
msgstr "El zócalo público posee permisos o pertenencia equivocados."
-#: src/sss_client/common.c:975
+#: src/sss_client/common.c:977
msgid "Unexpected format of the server credential message."
msgstr "Formato no esperado del mensaje de la credencial del servidor."
-#: src/sss_client/common.c:978
+#: src/sss_client/common.c:980
msgid "SSSD is not run by root."
msgstr "SSSD no está siendo ejecutado por el usuario root."
-#: src/sss_client/common.c:983
+#: src/sss_client/common.c:985
msgid "An error occurred, but no description can be found."
msgstr "Ha ocurrido un error, pero no se ha podido encontrar una descripción."
-#: src/sss_client/common.c:989
+#: src/sss_client/common.c:991
msgid "Unexpected error while looking for an error description"
msgstr ""
"Ha ocurrido un error no esperado mientras se buscaba la descripción del error"
-#: src/sss_client/pam_sss.c:398
+#: src/sss_client/pam_sss.c:63
+msgid "Permission denied. "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:64 src/sss_client/pam_sss.c:883
+#: src/sss_client/pam_sss.c:894
+msgid "Server message: "
+msgstr "Mensaje del servidor:"
+
+#: src/sss_client/pam_sss.c:401
msgid "Passwords do not match"
msgstr "Las contraseñas no coinciden"
-#: src/sss_client/pam_sss.c:586
+#: src/sss_client/pam_sss.c:589
msgid "Password reset by root is not supported."
msgstr "No existe soporte para reseteado de la contraseña por el usuario root."
-#: src/sss_client/pam_sss.c:627
+#: src/sss_client/pam_sss.c:630
msgid "Authenticated with cached credentials"
msgstr "Autenticado mediante credenciales cacheada"
-#: src/sss_client/pam_sss.c:628
+#: src/sss_client/pam_sss.c:631
msgid ", your cached password will expire at: "
msgstr ", su contraseña cacheada vencerá el:"
-#: src/sss_client/pam_sss.c:658
+#: src/sss_client/pam_sss.c:661
#, c-format
msgid "Your password has expired. You have %1$d grace login(s) remaining."
msgstr ""
-#: src/sss_client/pam_sss.c:704
+#: src/sss_client/pam_sss.c:707
#, c-format
msgid "Your password will expire in %1$d %2$s."
msgstr ""
-#: src/sss_client/pam_sss.c:753
+#: src/sss_client/pam_sss.c:756
msgid "Authentication is denied until: "
msgstr "La autenticación ha sido denegada hasta:"
-#: src/sss_client/pam_sss.c:774
+#: src/sss_client/pam_sss.c:777
msgid "System is offline, password change not possible"
msgstr "El sistema está fuera de línea, no se puede cambiar la contraseña"
-#: src/sss_client/pam_sss.c:789
+#: src/sss_client/pam_sss.c:792
msgid ""
"After changing the OTP password, you need to log out and back in order to "
"acquire a ticket"
msgstr ""
-#: src/sss_client/pam_sss.c:820 src/sss_client/pam_sss.c:833
+#: src/sss_client/pam_sss.c:880 src/sss_client/pam_sss.c:893
msgid "Password change failed. "
msgstr "Falló el cambio de contraseña."
-#: src/sss_client/pam_sss.c:823 src/sss_client/pam_sss.c:834
-msgid "Server message: "
-msgstr "Mensaje del servidor:"
-
-#: src/sss_client/pam_sss.c:1274
+#: src/sss_client/pam_sss.c:1336
msgid "New Password: "
msgstr "Nueva contraseña: "
-#: src/sss_client/pam_sss.c:1275
+#: src/sss_client/pam_sss.c:1337
msgid "Reenter new Password: "
msgstr "Reingrese la contraseña nueva:"
-#: src/sss_client/pam_sss.c:1374
+#: src/sss_client/pam_sss.c:1436
msgid "Password: "
msgstr "Contraseña: "
-#: src/sss_client/pam_sss.c:1406
+#: src/sss_client/pam_sss.c:1468
msgid "Current Password: "
msgstr "Contraseña actual: "
-#: src/sss_client/pam_sss.c:1582
+#: src/sss_client/pam_sss.c:1644
msgid "Password expired. Change your password now."
msgstr "La contraseña ha expirado. Modifíquela en este preciso momento."
diff --git a/po/eu.po b/po/eu.po
index 9eed4a200..43c6e94d7 100644
--- a/po/eu.po
+++ b/po/eu.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2015-02-18 16:53+0100\n"
+"POT-Creation-Date: 2015-06-12 10:37+0200\n"
"PO-Revision-Date: 2014-06-04 02:04-0400\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Basque (http://www.transifex.com/projects/p/sssd/language/"
@@ -18,7 +18,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#: src/config/SSSDConfig/__init__.py.in:43
msgid "Set the verbosity of the debug logging"
@@ -104,7 +104,7 @@ msgid "Entry cache background update timeout length (seconds)"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:67
-#: src/config/SSSDConfig/__init__.py.in:96
+#: src/config/SSSDConfig/__init__.py.in:97
msgid "Negative cache timeout length (seconds)"
msgstr ""
@@ -198,1025 +198,1037 @@ msgstr ""
msgid "List of domains accessible even for untrusted users."
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:93
+#: src/config/SSSDConfig/__init__.py.in:91
+msgid "Message printed when user account is expired."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:94
msgid "Whether to evaluate the time-based attributes in sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:99
+#: src/config/SSSDConfig/__init__.py.in:100
msgid "Whether to hash host names and addresses in the known_hosts file"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:100
+#: src/config/SSSDConfig/__init__.py.in:101
msgid ""
"How many seconds to keep a host in the known_hosts file after its host keys "
"were requested"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:103
+#: src/config/SSSDConfig/__init__.py.in:104
msgid "List of UIDs or user names allowed to access the PAC responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:106
+#: src/config/SSSDConfig/__init__.py.in:107
msgid "List of UIDs or user names allowed to access the InfoPipe responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:107
+#: src/config/SSSDConfig/__init__.py.in:108
msgid "List of user attributes the InfoPipe is allowed to publish"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:110
+#: src/config/SSSDConfig/__init__.py.in:111
msgid "Identity provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:111
+#: src/config/SSSDConfig/__init__.py.in:112
msgid "Authentication provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:112
+#: src/config/SSSDConfig/__init__.py.in:113
msgid "Access control provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:113
+#: src/config/SSSDConfig/__init__.py.in:114
msgid "Password change provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:114
+#: src/config/SSSDConfig/__init__.py.in:115
msgid "SUDO provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid "Autofs provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "Session-loading provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "Host identity provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Minimum user ID"
msgstr "Gutxienezko erabiltzaile IDa"
-#: src/config/SSSDConfig/__init__.py.in:121
+#: src/config/SSSDConfig/__init__.py.in:122
msgid "Maximum user ID"
msgstr "Gehienezko erabiltzaile IDa"
-#: src/config/SSSDConfig/__init__.py.in:122
+#: src/config/SSSDConfig/__init__.py.in:123
msgid "Enable enumerating all users/groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:123
+#: src/config/SSSDConfig/__init__.py.in:124
msgid "Cache credentials for offline login"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:124
+#: src/config/SSSDConfig/__init__.py.in:125
msgid "Store password hashes"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:125
+#: src/config/SSSDConfig/__init__.py.in:126
msgid "Display users/groups in fully-qualified form"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Don't include group members in group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:127
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:128
#: src/config/SSSDConfig/__init__.py.in:135
#: src/config/SSSDConfig/__init__.py.in:136
#: src/config/SSSDConfig/__init__.py.in:137
#: src/config/SSSDConfig/__init__.py.in:138
#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Entry cache timeout length (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:128
+#: src/config/SSSDConfig/__init__.py.in:129
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Override GID value from the identity provider with this value"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Treat usernames as case sensitive"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "How often should expired entries be refreshed in background"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:142
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:143
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:143
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "How often to periodically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Whether the nsupdate utility should default to using TCP"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Control enumeration of trusted domains"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "How often should subdomains list be refreshed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:151
+msgid "List of options that should be inherited into a subdomain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "IPA domain"
msgstr "IPA domeinua"
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "IPA server address"
msgstr "IPA zerbitzariaren helbidea"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "IPA client hostname"
msgstr "IPA bezeroaren ostalari-izena"
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:162
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:163
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:168
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Search base for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Objectclass for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Attribute with the name of the view"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Objectclass for override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Attribute with the reference to the original object"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Objectclass for user override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Objectclass for group override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:182
-#: src/config/SSSDConfig/__init__.py.in:357
+#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:360
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Whether to use the Global Catalog for lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Operation mode for GPO-based access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:187
msgid ""
"The amount of time between lookups of the GPO policy files against the AD "
"server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:188
msgid ""
"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy "
"settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid ""
"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight "
"policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid ""
"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid ""
"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid ""
"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "PAM service names for which GPO-based access is always granted"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "PAM service names for which GPO-based access is always denied"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid ""
"Default logon right (or permit/deny) to use for unmapped PAM service names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "a particular site to be used by the client"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Kerberos server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "Kerberos realm"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "Whether to create kdcinfo files"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Where to drop krb5 config snippets"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Enables FAST"
msgstr "FAST gaitzen du"
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Enables enterprise principals"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:220
-#: src/config/SSSDConfig/__init__.py.in:221
-msgid "Server where the change password service is running if not on the KDC"
+msgid "A mapping from user names to kerberos principal names"
msgstr ""
+#: src/config/SSSDConfig/__init__.py.in:223
#: src/config/SSSDConfig/__init__.py.in:224
+msgid "Server where the change password service is running if not on the KDC"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:227
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:237
+#: src/config/SSSDConfig/__init__.py.in:240
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "Require TLS certificate verification"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "entryUSN attribute"
msgstr "entryUSN atributua"
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "lastUSN attribute"
msgstr "lastUSN atributua"
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "Disable the LDAP paging control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Disable Active Directory range retrieval"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "UID attribute"
msgstr "UID atributua"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "GECOS attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Shell attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
#, fuzzy
msgid "UUID attribute"
msgstr "UID atributua"
-#: src/config/SSSDConfig/__init__.py.in:282
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "objectSID attribute"
msgstr "objectSID atributua"
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Full Name"
msgstr "Izen osoa"
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "shadowLastChange attribute"
msgstr "shadowLastChange atributua"
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "shadowMin attribute"
msgstr "shadowMin atributua"
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "shadowMax attribute"
msgstr "shadowMax atributua"
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "shadowWarning attribute"
msgstr "shadowWarning atributua"
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "shadowInactive attribute"
msgstr "shadowInactive atributua"
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "shadowExpire attribute"
msgstr "shadowExpire atributua"
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "shadowFlag attribute"
msgstr "shadowFlag atributua"
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "krbLastPwdChange attribute"
msgstr "krbLastPwdChange atributua"
-#: src/config/SSSDConfig/__init__.py.in:299
+#: src/config/SSSDConfig/__init__.py.in:302
msgid "krbPasswordExpiration attribute"
msgstr "krbPasswordExpiration atributua"
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "accountExpires attribute of AD"
msgstr "ADren accountExpires atributua"
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "userAccountControl attribute of AD"
msgstr "ADren userAccountControl atributua"
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "nsAccountLock attribute"
msgstr "nsAccountLock atributua"
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "A list of extra attributes to download along with the user entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:310
+#: src/config/SSSDConfig/__init__.py.in:313
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Group name"
msgstr "Talde-izena"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Group password"
msgstr "Taldearen pasahitza"
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "GID attribute"
msgstr "GID atributua"
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
#, fuzzy
msgid "Group UUID attribute"
msgstr "UID atributua"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Type of the group and other flags"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:344
+#: src/config/SSSDConfig/__init__.py.in:347
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Whether to use Token-Groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Set lower boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Set upper boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "DN for ppolicy queries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:364
+#: src/config/SSSDConfig/__init__.py.in:367
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:365
+#: src/config/SSSDConfig/__init__.py.in:368
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:368
+#: src/config/SSSDConfig/__init__.py.in:371
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:369
+#: src/config/SSSDConfig/__init__.py.in:372
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:370
+#: src/config/SSSDConfig/__init__.py.in:373
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:371
+#: src/config/SSSDConfig/__init__.py.in:374
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:372
+#: src/config/SSSDConfig/__init__.py.in:375
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:373
+#: src/config/SSSDConfig/__init__.py.in:376
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:374
+#: src/config/SSSDConfig/__init__.py.in:377
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:375
+#: src/config/SSSDConfig/__init__.py.in:378
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:376
+#: src/config/SSSDConfig/__init__.py.in:379
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:377
+#: src/config/SSSDConfig/__init__.py.in:380
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:378
+#: src/config/SSSDConfig/__init__.py.in:381
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:379
+#: src/config/SSSDConfig/__init__.py.in:382
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:380
+#: src/config/SSSDConfig/__init__.py.in:383
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:381
+#: src/config/SSSDConfig/__init__.py.in:384
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:382
+#: src/config/SSSDConfig/__init__.py.in:385
msgid "Sudo rule runas attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:383
+#: src/config/SSSDConfig/__init__.py.in:386
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:384
+#: src/config/SSSDConfig/__init__.py.in:387
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:385
+#: src/config/SSSDConfig/__init__.py.in:388
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:386
+#: src/config/SSSDConfig/__init__.py.in:389
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:387
+#: src/config/SSSDConfig/__init__.py.in:390
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:390
+#: src/config/SSSDConfig/__init__.py.in:393
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:391
+#: src/config/SSSDConfig/__init__.py.in:394
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:392
+#: src/config/SSSDConfig/__init__.py.in:395
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:393
+#: src/config/SSSDConfig/__init__.py.in:396
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:394
+#: src/config/SSSDConfig/__init__.py.in:397
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:395
+#: src/config/SSSDConfig/__init__.py.in:398
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:398
+#: src/config/SSSDConfig/__init__.py.in:401
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:399
+#: src/config/SSSDConfig/__init__.py.in:402
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:402
+#: src/config/SSSDConfig/__init__.py.in:405
msgid "Default shell, /bin/bash"
msgstr "Shell lehenetsia, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:403
+#: src/config/SSSDConfig/__init__.py.in:406
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:406
+#: src/config/SSSDConfig/__init__.py.in:409
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:407
+#: src/config/SSSDConfig/__init__.py.in:410
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:410
+#: src/config/SSSDConfig/__init__.py.in:413
msgid "PAM stack to use"
msgstr ""
@@ -1236,26 +1248,26 @@ msgstr ""
msgid "Print version number and exit"
msgstr "Inprimatu bertsio zenbakia eta irten"
-#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:589
+#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:609
#: src/util/util.h:108
msgid "Debug level"
msgstr "Arazketa maila"
-#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:591
+#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:611
#: src/util/util.h:114
msgid "Add debug timestamps"
msgstr "Gehitu arazketako data-zigiluak"
-#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:593
+#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:613
#: src/util/util.h:116
msgid "Show timestamps with microseconds"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:595
+#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:615
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:597
+#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:617
#: src/util/util.h:112
msgid "Send the debug output to stderr directly."
msgstr ""
@@ -1268,99 +1280,104 @@ msgstr ""
msgid "The group to create FAST ccache as"
msgstr ""
-#: src/providers/data_provider_be.c:2833
+#: src/providers/data_provider_be.c:2834
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:969
+#: src/sss_client/common.c:971
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:972
+#: src/sss_client/common.c:974
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:975
+#: src/sss_client/common.c:977
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:978
+#: src/sss_client/common.c:980
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:983
+#: src/sss_client/common.c:985
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:989
+#: src/sss_client/common.c:991
msgid "Unexpected error while looking for an error description"
msgstr ""
-#: src/sss_client/pam_sss.c:398
+#: src/sss_client/pam_sss.c:63
+msgid "Permission denied. "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:64 src/sss_client/pam_sss.c:883
+#: src/sss_client/pam_sss.c:894
+msgid "Server message: "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:401
msgid "Passwords do not match"
msgstr ""
-#: src/sss_client/pam_sss.c:586
+#: src/sss_client/pam_sss.c:589
msgid "Password reset by root is not supported."
msgstr ""
-#: src/sss_client/pam_sss.c:627
+#: src/sss_client/pam_sss.c:630
msgid "Authenticated with cached credentials"
msgstr ""
-#: src/sss_client/pam_sss.c:628
+#: src/sss_client/pam_sss.c:631
msgid ", your cached password will expire at: "
msgstr ""
-#: src/sss_client/pam_sss.c:658
+#: src/sss_client/pam_sss.c:661
#, c-format
msgid "Your password has expired. You have %1$d grace login(s) remaining."
msgstr ""
-#: src/sss_client/pam_sss.c:704
+#: src/sss_client/pam_sss.c:707
#, c-format
msgid "Your password will expire in %1$d %2$s."
msgstr ""
-#: src/sss_client/pam_sss.c:753
+#: src/sss_client/pam_sss.c:756
msgid "Authentication is denied until: "
msgstr ""
-#: src/sss_client/pam_sss.c:774
+#: src/sss_client/pam_sss.c:777
msgid "System is offline, password change not possible"
msgstr ""
-#: src/sss_client/pam_sss.c:789
+#: src/sss_client/pam_sss.c:792
msgid ""
"After changing the OTP password, you need to log out and back in order to "
"acquire a ticket"
msgstr ""
-#: src/sss_client/pam_sss.c:820 src/sss_client/pam_sss.c:833
+#: src/sss_client/pam_sss.c:880 src/sss_client/pam_sss.c:893
msgid "Password change failed. "
msgstr "Huts egin du pasahitza aldatzeak. "
-#: src/sss_client/pam_sss.c:823 src/sss_client/pam_sss.c:834
-msgid "Server message: "
-msgstr ""
-
-#: src/sss_client/pam_sss.c:1274
+#: src/sss_client/pam_sss.c:1336
msgid "New Password: "
msgstr "Pasahitz berria: "
-#: src/sss_client/pam_sss.c:1275
+#: src/sss_client/pam_sss.c:1337
msgid "Reenter new Password: "
msgstr "Berriz sartu pasahitz berria: "
-#: src/sss_client/pam_sss.c:1374
+#: src/sss_client/pam_sss.c:1436
msgid "Password: "
msgstr "Pasahitza: "
-#: src/sss_client/pam_sss.c:1406
+#: src/sss_client/pam_sss.c:1468
msgid "Current Password: "
msgstr "Uneko pasahitza: "
-#: src/sss_client/pam_sss.c:1582
+#: src/sss_client/pam_sss.c:1644
msgid "Password expired. Change your password now."
msgstr "Pasahitza iraungita. Aldatu zure pasahitza orain."
diff --git a/po/fr.po b/po/fr.po
index 5efbe8d3f..d960624d9 100644
--- a/po/fr.po
+++ b/po/fr.po
@@ -7,12 +7,13 @@
# Jérôme Fenal <jfenal@gmail.com>, 2012-2014
# Fabien Archambault <marbolangos@gmail.com>, 2012
# Mariko Vincent <dweu60@gmail.com>, 2012
+# Jérôme Fenal <jfenal@gmail.com>, 2015. #zanata
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2015-02-18 16:53+0100\n"
-"PO-Revision-Date: 2014-07-08 07:31-0400\n"
+"POT-Creation-Date: 2015-06-12 10:37+0200\n"
+"PO-Revision-Date: 2015-02-19 09:34-0500\n"
"Last-Translator: Jérôme Fenal <jfenal@gmail.com>\n"
"Language-Team: French (http://www.transifex.com/projects/p/sssd/language/"
"fr/)\n"
@@ -21,7 +22,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n > 1);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#: src/config/SSSDConfig/__init__.py.in:43
msgid "Set the verbosity of the debug logging"
@@ -116,7 +117,7 @@ msgstr ""
"secondes)"
#: src/config/SSSDConfig/__init__.py.in:67
-#: src/config/SSSDConfig/__init__.py.in:96
+#: src/config/SSSDConfig/__init__.py.in:97
msgid "Negative cache timeout length (seconds)"
msgstr "Délai d'attente du cache négatif (en secondes)"
@@ -183,6 +184,8 @@ msgstr "Durée de maintien en cache des enregistrements valides"
#: src/config/SSSDConfig/__init__.py.in:80
msgid "All spaces in group or user names will be replaced with this character"
msgstr ""
+"Tous les espaces dans les noms de groupes ou d'utilisateurs seront remplacés "
+"par ce caractère"
#: src/config/SSSDConfig/__init__.py.in:83
msgid "How long to allow cached logins between online logins (days)"
@@ -222,22 +225,28 @@ msgstr ""
#: src/config/SSSDConfig/__init__.py.in:89
msgid "List of trusted uids or user's name"
-msgstr ""
+msgstr "Liste des uid ou noms d'utilisateurs dignes de confiance"
#: src/config/SSSDConfig/__init__.py.in:90
msgid "List of domains accessible even for untrusted users."
msgstr ""
+"Liste des domaines accessibles y compris par les utilisateurs non dignes de "
+"confiance"
+
+#: src/config/SSSDConfig/__init__.py.in:91
+msgid "Message printed when user account is expired."
+msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:93
+#: src/config/SSSDConfig/__init__.py.in:94
msgid "Whether to evaluate the time-based attributes in sudo rules"
msgstr "Faut-il évaluer les attributs dépendants du temps dans les règles sudo"
-#: src/config/SSSDConfig/__init__.py.in:99
+#: src/config/SSSDConfig/__init__.py.in:100
msgid "Whether to hash host names and addresses in the known_hosts file"
msgstr ""
"Condenser ou non les noms de systèmes et adresses du fichier known_hosts"
-#: src/config/SSSDConfig/__init__.py.in:100
+#: src/config/SSSDConfig/__init__.py.in:101
msgid ""
"How many seconds to keep a host in the known_hosts file after its host keys "
"were requested"
@@ -245,542 +254,554 @@ msgstr ""
"Le nombre de secondes pour garder un hôte dans le fichier known_hosts après "
"que ses clés d'hôte ont été demandées"
-#: src/config/SSSDConfig/__init__.py.in:103
+#: src/config/SSSDConfig/__init__.py.in:104
msgid "List of UIDs or user names allowed to access the PAC responder"
msgstr ""
"Listes des UID ou nom d'utilisateurs autorisés à accéder le répondeur PAC"
-#: src/config/SSSDConfig/__init__.py.in:106
+#: src/config/SSSDConfig/__init__.py.in:107
msgid "List of UIDs or user names allowed to access the InfoPipe responder"
msgstr ""
"Listes des UID ou nom d'utilisateurs autorisés à accéder le répondeur "
"InfoPipe"
-#: src/config/SSSDConfig/__init__.py.in:107
+#: src/config/SSSDConfig/__init__.py.in:108
msgid "List of user attributes the InfoPipe is allowed to publish"
msgstr "Liste des attributs utilisateur que l'InfoPipe est autorisé à publier"
-#: src/config/SSSDConfig/__init__.py.in:110
+#: src/config/SSSDConfig/__init__.py.in:111
msgid "Identity provider"
msgstr "Fournisseur d'identité"
-#: src/config/SSSDConfig/__init__.py.in:111
+#: src/config/SSSDConfig/__init__.py.in:112
msgid "Authentication provider"
msgstr "Fournisseur d'authentification"
-#: src/config/SSSDConfig/__init__.py.in:112
+#: src/config/SSSDConfig/__init__.py.in:113
msgid "Access control provider"
msgstr "Fournisseur de contrôle d'accès"
-#: src/config/SSSDConfig/__init__.py.in:113
+#: src/config/SSSDConfig/__init__.py.in:114
msgid "Password change provider"
msgstr "Fournisseur de changement de mot de passe"
-#: src/config/SSSDConfig/__init__.py.in:114
+#: src/config/SSSDConfig/__init__.py.in:115
msgid "SUDO provider"
msgstr "Fournisseur SUDO"
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid "Autofs provider"
msgstr "Fournisseur autofs"
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "Session-loading provider"
msgstr "Fournisseur de chargement de session"
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "Host identity provider"
msgstr "Fournisseur d'identité de l'hôte"
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Minimum user ID"
msgstr "Identifiant utilisateur minimum"
-#: src/config/SSSDConfig/__init__.py.in:121
+#: src/config/SSSDConfig/__init__.py.in:122
msgid "Maximum user ID"
msgstr "Identifiant utilisateur maximum"
-#: src/config/SSSDConfig/__init__.py.in:122
+#: src/config/SSSDConfig/__init__.py.in:123
msgid "Enable enumerating all users/groups"
msgstr "Activer l'énumération de tous les utilisateurs/groupes"
-#: src/config/SSSDConfig/__init__.py.in:123
+#: src/config/SSSDConfig/__init__.py.in:124
msgid "Cache credentials for offline login"
msgstr "Mettre en cache les crédits pour une connexion hors-ligne"
-#: src/config/SSSDConfig/__init__.py.in:124
+#: src/config/SSSDConfig/__init__.py.in:125
msgid "Store password hashes"
msgstr "Stocker les sommes de contrôle des mots de passe"
-#: src/config/SSSDConfig/__init__.py.in:125
+#: src/config/SSSDConfig/__init__.py.in:126
msgid "Display users/groups in fully-qualified form"
msgstr "Afficher les utilisateurs/groupes dans un format complétement qualifié"
-#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Don't include group members in group lookups"
msgstr "Ne pas inclure les membres des groupes dans les recherches de groupes."
-#: src/config/SSSDConfig/__init__.py.in:127
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:128
#: src/config/SSSDConfig/__init__.py.in:135
#: src/config/SSSDConfig/__init__.py.in:136
#: src/config/SSSDConfig/__init__.py.in:137
#: src/config/SSSDConfig/__init__.py.in:138
#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Entry cache timeout length (seconds)"
msgstr "Durée de validité des entrées en cache (en secondes)"
-#: src/config/SSSDConfig/__init__.py.in:128
+#: src/config/SSSDConfig/__init__.py.in:129
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr "Restreindre ou préférer une famille d'adresses lors des recherches DNS"
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
"Durée de validité des entrées en cache après la dernière connexion réussie "
"(en jours)"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
"Délai d'attente des réponses du DNS lors de la résolution des serveurs (en "
"secondes)"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "The domain part of service discovery DNS query"
msgstr "La partie domaine de la requête de découverte de service DNS"
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Override GID value from the identity provider with this value"
msgstr "Écraser la valeur du GID du fournisseur d'identité avec cette valeur"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Treat usernames as case sensitive"
msgstr "Considère les noms d'utilisateur comme casse dépendant"
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "How often should expired entries be refreshed in background"
msgstr "Fréquence de rafraîchissement en arrière plan des entrées expirées"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry"
msgstr "Choisir de mettre à jour automatiquement l'entrée DNS du client"
-#: src/config/SSSDConfig/__init__.py.in:142
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:143
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr "Le TTL à appliquer à l'entrée DNS du client après modification"
-#: src/config/SSSDConfig/__init__.py.in:143
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
"L'interface dont l'adresse IP doit être utilisée pour les mises à jour "
"dynamiques du DNS"
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "How often to periodically update the client's DNS entry"
msgstr "Fréquence de mise à jour automatique de l'entrée DNS du client"
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
"Selon que le fournisseur doit aussi ou non mettre à jour explicitement "
"l'enregistrement PTR"
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Whether the nsupdate utility should default to using TCP"
msgstr "Selon que l'utilitaire nsupdate doit utiliser TCP par défaut"
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
"Quel type d'authentification doit être utilisée pour effectuer la mise à "
"jour DNS"
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Control enumeration of trusted domains"
msgstr "Contrôle l'énumération des domaines approuvés"
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "How often should subdomains list be refreshed"
msgstr "Fréquence de rafraîchissement des sous-domaines"
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:151
+msgid "List of options that should be inherited into a subdomain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "IPA domain"
msgstr "Domaine IPA"
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "IPA server address"
msgstr "Adresse du serveur IPA"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Address of backup IPA server"
msgstr "Adresse du serveur IPA de secours"
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "IPA client hostname"
msgstr "Nom de système du client IPA"
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
"Choisir de mettre à jour automatiquement l'entrée DNS du client dans FreeIPA"
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Search base for HBAC related objects"
msgstr "Base de recherche pour les objets HBAC"
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:162
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr "Délai entre les recherches de règles HBAC sur le serveur IPA"
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:163
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr "Délai entre les recherches de cartes SELinux sur le serveur IPA"
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr "Si les règles DENY sont présentes, utiliser soit DENY_ALL soit IGNORE"
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "If set to false, host argument given by PAM will be ignored"
msgstr "Si mit à false, l’argument de l'hôte donné par PAM est ignoré"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "The automounter location this IPA client is using"
msgstr ""
"L'emplacement de la carte de montage automatique utilisée par le client IPA"
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Search base for object containing info about IPA domain"
msgstr ""
"Base de recherche pour l'objet contenant les informations de base à propos "
"du domaine IPA"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Search base for objects containing info about ID ranges"
msgstr ""
"Base de recherche pour les objets contenant les informations à propos des "
"plages d'ID"
-#: src/config/SSSDConfig/__init__.py.in:167
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "Enable DNS sites - location based service discovery"
msgstr "Activer les sites DNS - découverte de service basée sur l'emplacement"
-#: src/config/SSSDConfig/__init__.py.in:168
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Search base for view containers"
-msgstr ""
+msgstr "Base de recherche des conteneurs de vues"
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Objectclass for view containers"
-msgstr ""
+msgstr "Classe d'objet pour les conteneurs de vues"
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Attribute with the name of the view"
-msgstr ""
+msgstr "Attribut avec le nom de la vue"
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Objectclass for override objects"
-msgstr ""
+msgstr "Classe d'objet surchargeant les objets"
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Attribute with the reference to the original object"
-msgstr ""
+msgstr "Attribut faisant référence à l'objet originel "
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Objectclass for user override objects"
-msgstr ""
+msgstr "Classe d'objet surchargeant les utilisateurs"
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Objectclass for group override objects"
-msgstr ""
+msgstr "Classe d'objet surchargeant les groupes"
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Active Directory domain"
msgstr "Domaine Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Active Directory server address"
msgstr "Adresse du serveur Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Active Directory backup server address"
msgstr "Adresse du serveur Active Directory de secours"
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Active Directory client hostname"
msgstr "Nom de système du client Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:182
-#: src/config/SSSDConfig/__init__.py.in:357
+#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:360
msgid "LDAP filter to determine access privileges"
msgstr "Filtre LDAP pour déterminer les autorisations d'accès"
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Whether to use the Global Catalog for lookups"
msgstr "Choisir d'utiliser ou non le catalogue global pour les recherches"
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Operation mode for GPO-based access control"
msgstr "Mode opératoire pour les contrôles d'accès basé sur les GPO"
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:187
msgid ""
"The amount of time between lookups of the GPO policy files against the AD "
"server"
msgstr ""
+"Durée entre les recherches de fichiers de politiques de GPO dans le serveur "
+"AD"
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:188
msgid ""
"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy "
"settings"
msgstr ""
+"Noms de services PAM correspondant à la configuration de la politique "
+"(Deny)InteractiveLogonRight de la GPO"
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid ""
"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight "
"policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid ""
"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid ""
"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid ""
"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "PAM service names for which GPO-based access is always granted"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "PAM service names for which GPO-based access is always denied"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid ""
"Default logon right (or permit/deny) to use for unmapped PAM service names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "a particular site to be used by the client"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Kerberos server address"
msgstr "Adresse du serveur Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Kerberos backup server address"
msgstr "Adresse du serveur Kerberos de secours"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "Kerberos realm"
msgstr "Domaine Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Authentication timeout"
msgstr "Délai avant expiration de l'authentification"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "Whether to create kdcinfo files"
msgstr "Choisir de créer ou non les fichiers kdcinfo"
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Where to drop krb5 config snippets"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Directory to store credential caches"
msgstr "Répertoire pour stocker les caches de crédits"
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Location of the user's credential cache"
msgstr "Emplacement du cache de crédits de l'utilisateur"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Location of the keytab to validate credentials"
msgstr "Emplacement du fichier keytab de validation des crédits"
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Enable credential validation"
msgstr "Activer la validation des crédits"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Store password if offline for later online authentication"
msgstr ""
"Stocker le mot de passe, si hors-ligne, pour une authentification ultérieure "
"en ligne"
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Renewable lifetime of the TGT"
msgstr "Durée de vie renouvelable du TGT"
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "Lifetime of the TGT"
msgstr "Durée de vie du TGT"
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Time between two checks for renewal"
msgstr "Durée entre deux vérifications pour le renouvellement"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Enables FAST"
msgstr "Active FAST"
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Selects the principal to use for FAST"
msgstr "Sélectionne le principal pour être utilisé avec FAST"
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Enables principal canonicalization"
msgstr "Active la canonisation du principal"
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Enables enterprise principals"
msgstr "Active les principals d'entreprise"
#: src/config/SSSDConfig/__init__.py.in:220
-#: src/config/SSSDConfig/__init__.py.in:221
+msgid "A mapping from user names to kerberos principal names"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"Serveur où tourne le service de changement de mot de passe s'il n'est pas "
"sur le KDC"
-#: src/config/SSSDConfig/__init__.py.in:224
+#: src/config/SSSDConfig/__init__.py.in:227
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, l'adresse du serveur LDAP"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr "ldap_backup_uri, l'URI du serveur LDAP"
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "The default base DN"
msgstr "La base DN par défaut"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Le type de schéma utilisé sur le serveur LDAP, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "The default bind DN"
msgstr "Le DN de connexion par défaut"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "The type of the authentication token of the default bind DN"
msgstr "Le type de jeton d'authentification du DN de connexion par défaut"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "The authentication token of the default bind DN"
msgstr "Le jeton d'authentification du DN de connexion par défaut"
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Length of time to attempt connection"
msgstr "Durée pendant laquelle il sera tenté d'établir la connexion"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Durée pendant laquelle il sera tenté des opérations LDAP synchrones"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Length of time between attempts to reconnect while offline"
msgstr "Durée d'attente entre deux essais de reconnexion en mode hors-ligne"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Use only the upper case for realm names"
msgstr "N'utiliser que des majuscules pour les noms de domaine"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "File that contains CA certificates"
msgstr "Fichier contenant les certificats des CA"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Path to CA certificate directory"
msgstr "Chemin vers le répertoire de certificats des CA"
-#: src/config/SSSDConfig/__init__.py.in:237
+#: src/config/SSSDConfig/__init__.py.in:240
msgid "File that contains the client certificate"
msgstr "Fichier contenant le certificat client"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "File that contains the client key"
msgstr "Fichier contenant la clé du client"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "List of possible ciphers suites"
msgstr "Liste des suites de chiffrement possibles"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "Require TLS certificate verification"
msgstr "Requiert une vérification de certificat TLS"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Specify the sasl mechanism to use"
msgstr "Spécifier le mécanisme SASL à utiliser"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Specify the sasl authorization id to use"
msgstr "Spécifier l'identité d'authorisation SASL à utiliser"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "Specify the sasl authorization realm to use"
msgstr "Spécifier le domaine d'authorisation SASL à utiliser"
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr "Spécifie le minimum SSF pour l'autorisation sasl LDAP"
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Kerberos service keytab"
msgstr "Service du fichier keytab de Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Use Kerberos auth for LDAP connection"
msgstr "Utiliser l'authentification Kerberos pour la connexion LDAP"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Follow LDAP referrals"
msgstr "Suivre les référents LDAP"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "Lifetime of TGT for LDAP connection"
msgstr "Durée de vie du TGT pour la connexion LDAP"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "How to dereference aliases"
msgstr "Comment déréférencer les alias"
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "Service name for DNS service lookups"
msgstr "Nom du service pour les recherches DNS"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "The number of records to retrieve in a single LDAP query"
msgstr "Le nombre d'enregistrements à récupérer dans une requête LDAP unique"
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
"Nombre de membres qui doivent être manquants pour activer un déréférencement "
"complet"
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
@@ -788,372 +809,372 @@ msgstr ""
"Est-ce que la bibliothèque LDAP doit effectuer une requête pour canoniser le "
"nom d'hôte pendant une connexion SASL ?"
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "entryUSN attribute"
msgstr "attribut entryUSN"
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "lastUSN attribute"
msgstr "attribut lastUSN"
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
"Combien de temps conserver la connexion au serveur LDAP avant de se "
"déconnecter"
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "Disable the LDAP paging control"
msgstr "Désactiver le contrôle des pages LDAP"
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Disable Active Directory range retrieval"
msgstr "Désactiver la récupération de plage Active Directory."
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "Length of time to wait for a search request"
msgstr "Durée d'attente pour une requête de recherche"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Length of time to wait for a enumeration request"
msgstr "Durée d'attente pour une requête d'énumération"
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Length of time between enumeration updates"
msgstr "Durée entre deux mises à jour d'énumération"
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "Length of time between cache cleanups"
msgstr "Durée entre les nettoyages de cache"
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Require TLS for ID lookups"
msgstr "TLS est requis pour les recherches d'identifiants"
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
"Utilisation de la correspondance d'ID pour les objectSID au lieu d'ID pré-"
"établis"
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Base DN for user lookups"
msgstr "Base DN pour les recherches d'utilisateurs"
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Scope of user lookups"
msgstr "Scope des recherches d'utilisateurs"
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Filter for user lookups"
msgstr "Filtre pour les recherches d'utilisateurs"
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for users"
msgstr "Classe d'objet pour les utilisateurs"
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Username attribute"
msgstr "Attribut de nom d'utilisateur"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "UID attribute"
msgstr "Attribut UID"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Primary GID attribute"
msgstr "Attribut de GID primaire"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "GECOS attribute"
msgstr "Attribut GECOS"
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Home directory attribute"
msgstr "Attribut de répertoire utilisateur"
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Shell attribute"
msgstr "Attribut d'interpréteur de commandes"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
#, fuzzy
msgid "UUID attribute"
msgstr "Attribut UID"
-#: src/config/SSSDConfig/__init__.py.in:282
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "objectSID attribute"
msgstr "attribut objectSID"
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Active Directory primary group attribute for ID-mapping"
msgstr "Groupe primaire Active Directory pour la correspondance d'ID"
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "User principal attribute (for Kerberos)"
msgstr "Attribut d'utilisateur principal (pour Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Full Name"
msgstr "Nom complet"
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "memberOf attribute"
msgstr "Attribut memberOf"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Modification time attribute"
msgstr "Attribut de date de modification"
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "shadowLastChange attribute"
msgstr "Attribut shadowLastChange"
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "shadowMin attribute"
msgstr "Attribut shadowMin"
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "shadowMax attribute"
msgstr "Attribut shadowMax"
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "shadowWarning attribute"
msgstr "Attribut shadowWarning"
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "shadowInactive attribute"
msgstr "Attribut shadowInactive"
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "shadowExpire attribute"
msgstr "Attribut shadowExpire"
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "shadowFlag attribute"
msgstr "Attribut shadowFlag"
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Attribute listing authorized PAM services"
msgstr "Attribut listant les services PAM autorisés"
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Attribute listing authorized server hosts"
msgstr "Attribut listant les systèmes serveurs autorisés"
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "krbLastPwdChange attribute"
msgstr "Attribut krbLastPwdChange"
-#: src/config/SSSDConfig/__init__.py.in:299
+#: src/config/SSSDConfig/__init__.py.in:302
msgid "krbPasswordExpiration attribute"
msgstr "Attribut krbPasswordExpiration"
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Attribute indicating that server side password policies are active"
msgstr ""
"Attribut indiquant que la stratégie de mot de passe du serveur est active"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "accountExpires attribute of AD"
msgstr "Attribut AD accountExpires"
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "userAccountControl attribute of AD"
msgstr "Attribut AD userAccountControl"
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "nsAccountLock attribute"
msgstr "Attribut nsAccountLock"
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "loginDisabled attribute of NDS"
msgstr "Attribut NDS loginDisabled"
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "loginExpirationTime attribute of NDS"
msgstr "Attribut NDS loginExpirationTime"
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "loginAllowedTimeMap attribute of NDS"
msgstr "Attribut NDS loginAllowedTimeMap"
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "SSH public key attribute"
msgstr "Attribut de clé public SSH"
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "A list of extra attributes to download along with the user entry"
msgstr ""
"Une liste des attributs supplémentaires à télécharger avec l'entrée de "
"l'utilisateur"
-#: src/config/SSSDConfig/__init__.py.in:310
+#: src/config/SSSDConfig/__init__.py.in:313
msgid "Base DN for group lookups"
msgstr "DN de base pour les recherches de groupes"
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Objectclass for groups"
msgstr "Classe d'objet pour les groupes"
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Group name"
msgstr "Nom du groupe"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Group password"
msgstr "Mot de passe du groupe"
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "GID attribute"
msgstr "Attribut GID"
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "Group member attribute"
msgstr "Attribut membre du groupe"
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
#, fuzzy
msgid "Group UUID attribute"
msgstr "Attribut UID"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Modification time attribute for groups"
msgstr "Attribut de date de modification pour les groupes"
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Type of the group and other flags"
msgstr "Type de groupe et autres indicateurs"
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Maximum nesting level SSSd will follow"
msgstr "Niveau de récursion maximum que SSSd doit suivre"
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for netgroup lookups"
msgstr "DN de base pour les recherches de netgroup"
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Objectclass for netgroups"
msgstr "Classe d'objet pour les groupes réseau"
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Netgroup name"
msgstr "Nom du groupe réseau"
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Netgroups members attribute"
msgstr "Attribut des membres des groupes réseau"
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Netgroup triple attribute"
msgstr "Attribut triplet du groupe réseau"
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Modification time attribute for netgroups"
msgstr "Attribut date de modification pour les groupes réseau"
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid "Base DN for service lookups"
msgstr "Nom de domaine (DN) de base pour les recherches de service"
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Objectclass for services"
msgstr "Classe objet pour les services"
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Service name attribute"
msgstr "Attribut de nom de service"
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Service port attribute"
msgstr "Attribut de port du service"
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Service protocol attribute"
msgstr "Attribut de service du protocole"
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Lower bound for ID-mapping"
msgstr "Limite inférieure pour la correspondance d'ID"
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Upper bound for ID-mapping"
msgstr "Limite supérieure pour la correspondance d'ID"
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Number of IDs for each slice when ID-mapping"
msgstr "Nombre d'ID par tranche pour la correspondance d'ID"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
"Utilisation d'un algorithme compatible autorid pour la correspondance d'ID"
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Name of the default domain for ID-mapping"
msgstr "Nom du domaine par défaut pour la correspondance d'ID"
-#: src/config/SSSDConfig/__init__.py.in:344
+#: src/config/SSSDConfig/__init__.py.in:347
msgid "SID of the default domain for ID-mapping"
msgstr "SID du domaine par défaut pour la correspondance d'ID"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr "Utiliser LDAP_MATCHING_RULE_IN_CHAIN pour les recherches de groupes"
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
"Utiliser LDAP_MATCHING_RULE_IN_CHAIN pour les recherches de groupes "
"d'initialisation"
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Whether to use Token-Groups"
msgstr "Choisir d'utiliser ou non les groupes de jetons"
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Set lower boundary for allowed IDs from the LDAP server"
msgstr ""
"Définir la limite inférieure d'identifiants autorisés pour l'annuaire LDAP"
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Set upper boundary for allowed IDs from the LDAP server"
msgstr ""
"Définir la limite supérieure d'identifiants autorisés pour l'annuaire LDAP"
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "DN for ppolicy queries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Policy to evaluate the password expiration"
msgstr "Stratégie d'évaluation de l'expiration du mot de passe"
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr "Quels attributs utiliser pour déterminer si un compte a expiré"
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Which rules should be used to evaluate access control"
msgstr "Quelles règles utiliser pour évaluer le contrôle d'accès"
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "URI of an LDAP server where password changes are allowed"
msgstr "URI d'un serveur LDAP où les changements de mot de passe sont acceptés"
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
"URI d'un serveur LDAP de secours où sont autorisées les modifications de mot "
"de passe"
-#: src/config/SSSDConfig/__init__.py.in:364
+#: src/config/SSSDConfig/__init__.py.in:367
msgid "DNS service name for LDAP password change server"
msgstr "Nom du service DNS pour le serveur de changement de mot de passe LDAP"
-#: src/config/SSSDConfig/__init__.py.in:365
+#: src/config/SSSDConfig/__init__.py.in:368
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
@@ -1161,23 +1182,23 @@ msgstr ""
"Choix de mise à jour de l'attribut ldap_user_shadow_last_change après un "
"changement de mot de passe"
-#: src/config/SSSDConfig/__init__.py.in:368
+#: src/config/SSSDConfig/__init__.py.in:371
msgid "Base DN for sudo rules lookups"
msgstr "Nom de domaine (DN) de base pour les recherches de règles sudo"
-#: src/config/SSSDConfig/__init__.py.in:369
+#: src/config/SSSDConfig/__init__.py.in:372
msgid "Automatic full refresh period"
msgstr "Périodicité de rafraichissement total"
-#: src/config/SSSDConfig/__init__.py.in:370
+#: src/config/SSSDConfig/__init__.py.in:373
msgid "Automatic smart refresh period"
msgstr "Périodicité de rafraichissement intelligent"
-#: src/config/SSSDConfig/__init__.py.in:371
+#: src/config/SSSDConfig/__init__.py.in:374
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr "Filter ou non sur les noms de systèmes, adresses IP et réseaux"
-#: src/config/SSSDConfig/__init__.py.in:372
+#: src/config/SSSDConfig/__init__.py.in:375
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
@@ -1185,121 +1206,121 @@ msgstr ""
"Noms de systèmes et/ou noms pleinement qualifiés de cette machine pour "
"filtrer les règles sudo"
-#: src/config/SSSDConfig/__init__.py.in:373
+#: src/config/SSSDConfig/__init__.py.in:376
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
"Adresses ou réseaux IPv4 ou IPv6 de cette machine pour filtrer les règles "
"sudo"
-#: src/config/SSSDConfig/__init__.py.in:374
+#: src/config/SSSDConfig/__init__.py.in:377
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
"Inclure ou non les règles qui contiennent un netgroup dans l'attribut host"
-#: src/config/SSSDConfig/__init__.py.in:375
+#: src/config/SSSDConfig/__init__.py.in:378
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
"Inclure ou non les règles qui contiennent une expression rationnelle dans "
"l'attribut host"
-#: src/config/SSSDConfig/__init__.py.in:376
+#: src/config/SSSDConfig/__init__.py.in:379
msgid "Object class for sudo rules"
msgstr "Classe objet pour les règles sudo"
-#: src/config/SSSDConfig/__init__.py.in:377
+#: src/config/SSSDConfig/__init__.py.in:380
msgid "Sudo rule name"
msgstr "Règle de nom sudo"
-#: src/config/SSSDConfig/__init__.py.in:378
+#: src/config/SSSDConfig/__init__.py.in:381
msgid "Sudo rule command attribute"
msgstr "Attribut de commande de règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:379
+#: src/config/SSSDConfig/__init__.py.in:382
msgid "Sudo rule host attribute"
msgstr "Attribut hôte de la règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:380
+#: src/config/SSSDConfig/__init__.py.in:383
msgid "Sudo rule user attribute"
msgstr "Attribut utilisateur de la règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:381
+#: src/config/SSSDConfig/__init__.py.in:384
msgid "Sudo rule option attribute"
msgstr "Attribut option de la règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:382
+#: src/config/SSSDConfig/__init__.py.in:385
msgid "Sudo rule runas attribute"
-msgstr ""
+msgstr "Attribut de règle sudo runas"
-#: src/config/SSSDConfig/__init__.py.in:383
+#: src/config/SSSDConfig/__init__.py.in:386
msgid "Sudo rule runasuser attribute"
msgstr "Attribut runasuser de la règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:384
+#: src/config/SSSDConfig/__init__.py.in:387
msgid "Sudo rule runasgroup attribute"
msgstr "Attribut runasgroup de la règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:385
+#: src/config/SSSDConfig/__init__.py.in:388
msgid "Sudo rule notbefore attribute"
msgstr "Attribut notbefore de la règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:386
+#: src/config/SSSDConfig/__init__.py.in:389
msgid "Sudo rule notafter attribute"
msgstr "Attribut notafter de règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:387
+#: src/config/SSSDConfig/__init__.py.in:390
msgid "Sudo rule order attribute"
msgstr "Attribut d'ordre de règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:390
+#: src/config/SSSDConfig/__init__.py.in:393
msgid "Object class for automounter maps"
msgstr "Classe objet pour la carte de montage automatique"
-#: src/config/SSSDConfig/__init__.py.in:391
+#: src/config/SSSDConfig/__init__.py.in:394
msgid "Automounter map name attribute"
msgstr "Nom de l'attribut de carte de montage automatique"
-#: src/config/SSSDConfig/__init__.py.in:392
+#: src/config/SSSDConfig/__init__.py.in:395
msgid "Object class for automounter map entries"
msgstr "Classe objet pour l'entrée de référence de montage automatique"
-#: src/config/SSSDConfig/__init__.py.in:393
+#: src/config/SSSDConfig/__init__.py.in:396
msgid "Automounter map entry key attribute"
msgstr "Attribut de clé d'entrée pour la carte de montage automatique"
-#: src/config/SSSDConfig/__init__.py.in:394
+#: src/config/SSSDConfig/__init__.py.in:397
msgid "Automounter map entry value attribute"
msgstr "Attribut de valeur pour la carte de montage automatique"
-#: src/config/SSSDConfig/__init__.py.in:395
+#: src/config/SSSDConfig/__init__.py.in:398
msgid "Base DN for automounter map lookups"
msgstr "Base DN pour les requêtes de carte de montage automatique"
-#: src/config/SSSDConfig/__init__.py.in:398
+#: src/config/SSSDConfig/__init__.py.in:401
msgid "Comma separated list of allowed users"
msgstr "Liste, séparée par des virgules, d'utilisateurs autorisés"
-#: src/config/SSSDConfig/__init__.py.in:399
+#: src/config/SSSDConfig/__init__.py.in:402
msgid "Comma separated list of prohibited users"
msgstr "Liste, séparée par des virgules, d'utilisateurs interdits"
-#: src/config/SSSDConfig/__init__.py.in:402
+#: src/config/SSSDConfig/__init__.py.in:405
msgid "Default shell, /bin/bash"
msgstr "Interpréteur de commande par défaut : /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:403
+#: src/config/SSSDConfig/__init__.py.in:406
msgid "Base for home directories"
msgstr "Base pour les répertoires utilisateur"
-#: src/config/SSSDConfig/__init__.py.in:406
+#: src/config/SSSDConfig/__init__.py.in:409
msgid "The name of the NSS library to use"
msgstr "Nom de la bibliothèque NSS à utiliser"
-#: src/config/SSSDConfig/__init__.py.in:407
+#: src/config/SSSDConfig/__init__.py.in:410
msgid "Whether to look up canonical group name from cache if possible"
msgstr "Rechercher le nom canonique du groupe dans le cache si possible"
-#: src/config/SSSDConfig/__init__.py.in:410
+#: src/config/SSSDConfig/__init__.py.in:413
msgid "PAM stack to use"
msgstr "Pile PAM à utiliser"
@@ -1319,26 +1340,26 @@ msgstr "Définir un fichier de configuration différent de celui par défaut"
msgid "Print version number and exit"
msgstr "Afficher le numéro de version et quitte"
-#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:589
+#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:609
#: src/util/util.h:108
msgid "Debug level"
msgstr "Niveau de débogage"
-#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:591
+#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:611
#: src/util/util.h:114
msgid "Add debug timestamps"
msgstr "Ajouter l'horodatage au débogage"
-#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:593
+#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:613
#: src/util/util.h:116
msgid "Show timestamps with microseconds"
msgstr "Afficher l'horodatage en microsecondes"
-#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:595
+#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:615
msgid "An open file descriptor for the debug logs"
msgstr "Un descripteur de fichier ouvert pour les journaux de débogage"
-#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:597
+#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:617
#: src/util/util.h:112
msgid "Send the debug output to stderr directly."
msgstr ""
@@ -1351,74 +1372,83 @@ msgstr ""
msgid "The group to create FAST ccache as"
msgstr ""
-#: src/providers/data_provider_be.c:2833
+#: src/providers/data_provider_be.c:2834
msgid "Domain of the information provider (mandatory)"
msgstr "Domaine du fournisseur d'informations (obligatoire)"
-#: src/sss_client/common.c:969
+#: src/sss_client/common.c:971
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
"Le socket privilégié a de mauvaises permissions ou un mauvais propriétaire."
-#: src/sss_client/common.c:972
+#: src/sss_client/common.c:974
msgid "Public socket has wrong ownership or permissions."
msgstr ""
"Le socket public a de mauvaises permissions ou un mauvais propriétaire."
-#: src/sss_client/common.c:975
+#: src/sss_client/common.c:977
msgid "Unexpected format of the server credential message."
msgstr "Le message du serveur de crédits a un format inattendu."
-#: src/sss_client/common.c:978
+#: src/sss_client/common.c:980
msgid "SSSD is not run by root."
msgstr "SSSD n'est pas démarré par root."
-#: src/sss_client/common.c:983
+#: src/sss_client/common.c:985
msgid "An error occurred, but no description can be found."
msgstr "Une erreur est survenue mais aucune description n'est trouvée."
-#: src/sss_client/common.c:989
+#: src/sss_client/common.c:991
msgid "Unexpected error while looking for an error description"
msgstr "Erreur inattendue lors de la recherche de la description de l'erreur"
-#: src/sss_client/pam_sss.c:398
+#: src/sss_client/pam_sss.c:63
+msgid "Permission denied. "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:64 src/sss_client/pam_sss.c:883
+#: src/sss_client/pam_sss.c:894
+msgid "Server message: "
+msgstr "Message du serveur : "
+
+#: src/sss_client/pam_sss.c:401
msgid "Passwords do not match"
msgstr "Les mots de passe ne correspondent pas"
-#: src/sss_client/pam_sss.c:586
+#: src/sss_client/pam_sss.c:589
msgid "Password reset by root is not supported."
msgstr ""
"La réinitialisation du mot de passe par root n'est pas prise en charge."
-#: src/sss_client/pam_sss.c:627
+#: src/sss_client/pam_sss.c:630
msgid "Authenticated with cached credentials"
msgstr "Authentifié avec les crédits mis en cache"
-#: src/sss_client/pam_sss.c:628
+#: src/sss_client/pam_sss.c:631
msgid ", your cached password will expire at: "
msgstr ", votre mot de passe en cache expirera à :"
-#: src/sss_client/pam_sss.c:658
+#: src/sss_client/pam_sss.c:661
#, c-format
msgid "Your password has expired. You have %1$d grace login(s) remaining."
msgstr ""
"Votre mot de passe a expiré. Il vous reste %1$d connexion(s) autorisée(s)."
-#: src/sss_client/pam_sss.c:704
+#: src/sss_client/pam_sss.c:707
#, c-format
msgid "Your password will expire in %1$d %2$s."
msgstr "Votre mot de passe expirera dans %1$d %2$s."
-#: src/sss_client/pam_sss.c:753
+#: src/sss_client/pam_sss.c:756
msgid "Authentication is denied until: "
msgstr "L'authentification est refusée jusque :"
-#: src/sss_client/pam_sss.c:774
+#: src/sss_client/pam_sss.c:777
msgid "System is offline, password change not possible"
msgstr ""
"Le système est hors-ligne, les modifications du mot de passe sont impossibles"
-#: src/sss_client/pam_sss.c:789
+#: src/sss_client/pam_sss.c:792
msgid ""
"After changing the OTP password, you need to log out and back in order to "
"acquire a ticket"
@@ -1426,31 +1456,27 @@ msgstr ""
"Après avoir modifié le mot de passe OTP, vous devez vous déconnecter et vous "
"reconnecter afin d'acquérir un ticket"
-#: src/sss_client/pam_sss.c:820 src/sss_client/pam_sss.c:833
+#: src/sss_client/pam_sss.c:880 src/sss_client/pam_sss.c:893
msgid "Password change failed. "
msgstr "Échec du changement de mot de passe."
-#: src/sss_client/pam_sss.c:823 src/sss_client/pam_sss.c:834
-msgid "Server message: "
-msgstr "Message du serveur : "
-
-#: src/sss_client/pam_sss.c:1274
+#: src/sss_client/pam_sss.c:1336
msgid "New Password: "
msgstr "Nouveau mot de passe : "
-#: src/sss_client/pam_sss.c:1275
+#: src/sss_client/pam_sss.c:1337
msgid "Reenter new Password: "
msgstr "Retaper le nouveau mot de passe : "
-#: src/sss_client/pam_sss.c:1374
+#: src/sss_client/pam_sss.c:1436
msgid "Password: "
msgstr "Mot de passe : "
-#: src/sss_client/pam_sss.c:1406
+#: src/sss_client/pam_sss.c:1468
msgid "Current Password: "
msgstr "Mot de passe actuel : "
-#: src/sss_client/pam_sss.c:1582
+#: src/sss_client/pam_sss.c:1644
msgid "Password expired. Change your password now."
msgstr "Mot de passe expiré. Changez votre mot de passe maintenant."
@@ -2007,7 +2033,7 @@ msgstr "Invalidation de toutes les cartes autofs"
#: src/tools/sss_cache.c:614
msgid "Invalidate particular SSH host"
-msgstr ""
+msgstr "Invalider un hôte SSH particulier"
#: src/tools/sss_cache.c:616
msgid "Invalidate all SSH hosts"
diff --git a/po/hu.po b/po/hu.po
index f4cbf8b41..411d69598 100644
--- a/po/hu.po
+++ b/po/hu.po
@@ -10,7 +10,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2015-02-18 16:53+0100\n"
+"POT-Creation-Date: 2015-06-12 10:37+0200\n"
"PO-Revision-Date: 2014-06-04 02:04-0400\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Hungarian (http://www.transifex.com/projects/p/sssd/language/"
@@ -20,7 +20,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#: src/config/SSSDConfig/__init__.py.in:43
msgid "Set the verbosity of the debug logging"
@@ -106,7 +106,7 @@ msgid "Entry cache background update timeout length (seconds)"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:67
-#: src/config/SSSDConfig/__init__.py.in:96
+#: src/config/SSSDConfig/__init__.py.in:97
msgid "Negative cache timeout length (seconds)"
msgstr ""
@@ -200,1025 +200,1037 @@ msgstr ""
msgid "List of domains accessible even for untrusted users."
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:93
+#: src/config/SSSDConfig/__init__.py.in:91
+msgid "Message printed when user account is expired."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:94
msgid "Whether to evaluate the time-based attributes in sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:99
+#: src/config/SSSDConfig/__init__.py.in:100
msgid "Whether to hash host names and addresses in the known_hosts file"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:100
+#: src/config/SSSDConfig/__init__.py.in:101
msgid ""
"How many seconds to keep a host in the known_hosts file after its host keys "
"were requested"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:103
+#: src/config/SSSDConfig/__init__.py.in:104
msgid "List of UIDs or user names allowed to access the PAC responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:106
+#: src/config/SSSDConfig/__init__.py.in:107
msgid "List of UIDs or user names allowed to access the InfoPipe responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:107
+#: src/config/SSSDConfig/__init__.py.in:108
msgid "List of user attributes the InfoPipe is allowed to publish"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:110
+#: src/config/SSSDConfig/__init__.py.in:111
msgid "Identity provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:111
+#: src/config/SSSDConfig/__init__.py.in:112
msgid "Authentication provider"
msgstr "Azonosító-kiszolgáló"
-#: src/config/SSSDConfig/__init__.py.in:112
+#: src/config/SSSDConfig/__init__.py.in:113
msgid "Access control provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:113
+#: src/config/SSSDConfig/__init__.py.in:114
msgid "Password change provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:114
+#: src/config/SSSDConfig/__init__.py.in:115
msgid "SUDO provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid "Autofs provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "Session-loading provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "Host identity provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Minimum user ID"
msgstr "Legkisebb felhasználói azonosító"
-#: src/config/SSSDConfig/__init__.py.in:121
+#: src/config/SSSDConfig/__init__.py.in:122
msgid "Maximum user ID"
msgstr "Legnagyobb felhasználói azonosító"
-#: src/config/SSSDConfig/__init__.py.in:122
+#: src/config/SSSDConfig/__init__.py.in:123
msgid "Enable enumerating all users/groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:123
+#: src/config/SSSDConfig/__init__.py.in:124
msgid "Cache credentials for offline login"
msgstr "Azonosítók gyorsítótárazása offline használathoz"
-#: src/config/SSSDConfig/__init__.py.in:124
+#: src/config/SSSDConfig/__init__.py.in:125
msgid "Store password hashes"
msgstr "Jelszó hash-ek tárolása"
-#: src/config/SSSDConfig/__init__.py.in:125
+#: src/config/SSSDConfig/__init__.py.in:126
msgid "Display users/groups in fully-qualified form"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Don't include group members in group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:127
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:128
#: src/config/SSSDConfig/__init__.py.in:135
#: src/config/SSSDConfig/__init__.py.in:136
#: src/config/SSSDConfig/__init__.py.in:137
#: src/config/SSSDConfig/__init__.py.in:138
#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Entry cache timeout length (seconds)"
msgstr "Bejegyzés-gyorsítótár érvényessége (másodperc)"
-#: src/config/SSSDConfig/__init__.py.in:128
+#: src/config/SSSDConfig/__init__.py.in:129
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Override GID value from the identity provider with this value"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Treat usernames as case sensitive"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "How often should expired entries be refreshed in background"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:142
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:143
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:143
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "How often to periodically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Whether the nsupdate utility should default to using TCP"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Control enumeration of trusted domains"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "How often should subdomains list be refreshed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:151
+msgid "List of options that should be inherited into a subdomain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "IPA domain"
msgstr "IPA-tartomány"
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "IPA server address"
msgstr "IPA kiszolgáló címe"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "IPA client hostname"
msgstr "IPA kliens hosztneve"
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:162
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:163
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:168
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Search base for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Objectclass for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Attribute with the name of the view"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Objectclass for override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Attribute with the reference to the original object"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Objectclass for user override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Objectclass for group override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:182
-#: src/config/SSSDConfig/__init__.py.in:357
+#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:360
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Whether to use the Global Catalog for lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Operation mode for GPO-based access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:187
msgid ""
"The amount of time between lookups of the GPO policy files against the AD "
"server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:188
msgid ""
"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy "
"settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid ""
"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight "
"policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid ""
"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid ""
"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid ""
"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "PAM service names for which GPO-based access is always granted"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "PAM service names for which GPO-based access is always denied"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid ""
"Default logon right (or permit/deny) to use for unmapped PAM service names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "a particular site to be used by the client"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Kerberos server address"
msgstr "Kerberos-kiszolgáló címe"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "Kerberos realm"
msgstr "Kerberos-tartomány"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Authentication timeout"
msgstr "Időtúllépés azonosításkor"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "Whether to create kdcinfo files"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Where to drop krb5 config snippets"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Enables enterprise principals"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:220
-#: src/config/SSSDConfig/__init__.py.in:221
-msgid "Server where the change password service is running if not on the KDC"
+msgid "A mapping from user names to kerberos principal names"
msgstr ""
+#: src/config/SSSDConfig/__init__.py.in:223
#: src/config/SSSDConfig/__init__.py.in:224
+msgid "Server where the change password service is running if not on the KDC"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:227
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, az LDAP szerver URI-ja"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "The default base DN"
msgstr "Alapértelmezett LDAP alap-DN-je"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Az LDAP szerveren használt séma-típus, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "The default bind DN"
msgstr "Az alapértelmezett bind DN"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Length of time to attempt connection"
msgstr "A kapcsolódási próbálkozás időtartama"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "File that contains CA certificates"
msgstr "A CA tanusítványokat tartalmazó fájl"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:237
+#: src/config/SSSDConfig/__init__.py.in:240
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "Require TLS certificate verification"
msgstr "TLS tanusítvány ellenőrzése"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "Disable the LDAP paging control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Disable Active Directory range retrieval"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Require TLS for ID lookups"
msgstr "TLS megkövetelése ID keresésekor"
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "UID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "GECOS attribute"
msgstr "GECOS attribútum"
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Shell attribute"
msgstr "Shell attribútum"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
#, fuzzy
msgid "UUID attribute"
msgstr "GECOS attribútum"
-#: src/config/SSSDConfig/__init__.py.in:282
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Full Name"
msgstr "Teljes név"
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "memberOf attribute"
msgstr "memberOf attribútum"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:299
+#: src/config/SSSDConfig/__init__.py.in:302
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "A list of extra attributes to download along with the user entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:310
+#: src/config/SSSDConfig/__init__.py.in:313
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Group name"
msgstr "Csoport neve"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Group password"
msgstr "Csoport jelszava"
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
#, fuzzy
msgid "Group UUID attribute"
msgstr "GECOS attribútum"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Type of the group and other flags"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:344
+#: src/config/SSSDConfig/__init__.py.in:347
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Whether to use Token-Groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Set lower boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Set upper boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "DN for ppolicy queries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:364
+#: src/config/SSSDConfig/__init__.py.in:367
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:365
+#: src/config/SSSDConfig/__init__.py.in:368
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:368
+#: src/config/SSSDConfig/__init__.py.in:371
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:369
+#: src/config/SSSDConfig/__init__.py.in:372
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:370
+#: src/config/SSSDConfig/__init__.py.in:373
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:371
+#: src/config/SSSDConfig/__init__.py.in:374
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:372
+#: src/config/SSSDConfig/__init__.py.in:375
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:373
+#: src/config/SSSDConfig/__init__.py.in:376
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:374
+#: src/config/SSSDConfig/__init__.py.in:377
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:375
+#: src/config/SSSDConfig/__init__.py.in:378
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:376
+#: src/config/SSSDConfig/__init__.py.in:379
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:377
+#: src/config/SSSDConfig/__init__.py.in:380
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:378
+#: src/config/SSSDConfig/__init__.py.in:381
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:379
+#: src/config/SSSDConfig/__init__.py.in:382
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:380
+#: src/config/SSSDConfig/__init__.py.in:383
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:381
+#: src/config/SSSDConfig/__init__.py.in:384
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:382
+#: src/config/SSSDConfig/__init__.py.in:385
msgid "Sudo rule runas attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:383
+#: src/config/SSSDConfig/__init__.py.in:386
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:384
+#: src/config/SSSDConfig/__init__.py.in:387
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:385
+#: src/config/SSSDConfig/__init__.py.in:388
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:386
+#: src/config/SSSDConfig/__init__.py.in:389
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:387
+#: src/config/SSSDConfig/__init__.py.in:390
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:390
+#: src/config/SSSDConfig/__init__.py.in:393
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:391
+#: src/config/SSSDConfig/__init__.py.in:394
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:392
+#: src/config/SSSDConfig/__init__.py.in:395
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:393
+#: src/config/SSSDConfig/__init__.py.in:396
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:394
+#: src/config/SSSDConfig/__init__.py.in:397
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:395
+#: src/config/SSSDConfig/__init__.py.in:398
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:398
+#: src/config/SSSDConfig/__init__.py.in:401
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:399
+#: src/config/SSSDConfig/__init__.py.in:402
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:402
+#: src/config/SSSDConfig/__init__.py.in:405
msgid "Default shell, /bin/bash"
msgstr "Alapértelmezett shell, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:403
+#: src/config/SSSDConfig/__init__.py.in:406
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:406
+#: src/config/SSSDConfig/__init__.py.in:409
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:407
+#: src/config/SSSDConfig/__init__.py.in:410
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:410
+#: src/config/SSSDConfig/__init__.py.in:413
msgid "PAM stack to use"
msgstr ""
@@ -1238,26 +1250,26 @@ msgstr ""
msgid "Print version number and exit"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:589
+#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:609
#: src/util/util.h:108
msgid "Debug level"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:591
+#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:611
#: src/util/util.h:114
msgid "Add debug timestamps"
msgstr "Időbélyegek a hibakeresési kimenetben"
-#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:593
+#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:613
#: src/util/util.h:116
msgid "Show timestamps with microseconds"
msgstr "Mikroszekundum pontosságú időbélyegek"
-#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:595
+#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:615
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:597
+#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:617
#: src/util/util.h:112
msgid "Send the debug output to stderr directly."
msgstr ""
@@ -1270,99 +1282,104 @@ msgstr ""
msgid "The group to create FAST ccache as"
msgstr ""
-#: src/providers/data_provider_be.c:2833
+#: src/providers/data_provider_be.c:2834
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:969
+#: src/sss_client/common.c:971
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:972
+#: src/sss_client/common.c:974
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:975
+#: src/sss_client/common.c:977
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:978
+#: src/sss_client/common.c:980
msgid "SSSD is not run by root."
msgstr "Az SSSD nem root-ként fut."
-#: src/sss_client/common.c:983
+#: src/sss_client/common.c:985
msgid "An error occurred, but no description can be found."
msgstr "Hiba lépett fel, de nem érhetőek el részletek."
-#: src/sss_client/common.c:989
+#: src/sss_client/common.c:991
msgid "Unexpected error while looking for an error description"
msgstr ""
-#: src/sss_client/pam_sss.c:398
+#: src/sss_client/pam_sss.c:63
+msgid "Permission denied. "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:64 src/sss_client/pam_sss.c:883
+#: src/sss_client/pam_sss.c:894
+msgid "Server message: "
+msgstr "Szerver üzenete:"
+
+#: src/sss_client/pam_sss.c:401
msgid "Passwords do not match"
msgstr "A jelszavak nem egyeznek"
-#: src/sss_client/pam_sss.c:586
+#: src/sss_client/pam_sss.c:589
msgid "Password reset by root is not supported."
msgstr "A jelszó root általi visszaállítása nem támogatott."
-#: src/sss_client/pam_sss.c:627
+#: src/sss_client/pam_sss.c:630
msgid "Authenticated with cached credentials"
msgstr "Azonosítva gyorsítótárazott adatbázisból"
-#: src/sss_client/pam_sss.c:628
+#: src/sss_client/pam_sss.c:631
msgid ", your cached password will expire at: "
msgstr ", a gyorsítótárazott jelszó lejár ekkor: "
-#: src/sss_client/pam_sss.c:658
+#: src/sss_client/pam_sss.c:661
#, c-format
msgid "Your password has expired. You have %1$d grace login(s) remaining."
msgstr ""
-#: src/sss_client/pam_sss.c:704
+#: src/sss_client/pam_sss.c:707
#, c-format
msgid "Your password will expire in %1$d %2$s."
msgstr ""
-#: src/sss_client/pam_sss.c:753
+#: src/sss_client/pam_sss.c:756
msgid "Authentication is denied until: "
msgstr "A bejelentkezés tiltott eddig:"
-#: src/sss_client/pam_sss.c:774
+#: src/sss_client/pam_sss.c:777
msgid "System is offline, password change not possible"
msgstr "A rendszer nem érhető el, a jelszó megváltoztatása nem lehetséges"
-#: src/sss_client/pam_sss.c:789
+#: src/sss_client/pam_sss.c:792
msgid ""
"After changing the OTP password, you need to log out and back in order to "
"acquire a ticket"
msgstr ""
-#: src/sss_client/pam_sss.c:820 src/sss_client/pam_sss.c:833
+#: src/sss_client/pam_sss.c:880 src/sss_client/pam_sss.c:893
msgid "Password change failed. "
msgstr "A jelszó megváltoztatása nem sikerült."
-#: src/sss_client/pam_sss.c:823 src/sss_client/pam_sss.c:834
-msgid "Server message: "
-msgstr "Szerver üzenete:"
-
-#: src/sss_client/pam_sss.c:1274
+#: src/sss_client/pam_sss.c:1336
msgid "New Password: "
msgstr "Új jelszó:"
-#: src/sss_client/pam_sss.c:1275
+#: src/sss_client/pam_sss.c:1337
msgid "Reenter new Password: "
msgstr "Jelszó mégegyszer: "
-#: src/sss_client/pam_sss.c:1374
+#: src/sss_client/pam_sss.c:1436
msgid "Password: "
msgstr "Jelszó: "
-#: src/sss_client/pam_sss.c:1406
+#: src/sss_client/pam_sss.c:1468
msgid "Current Password: "
msgstr "Jelenlegi jelszó:"
-#: src/sss_client/pam_sss.c:1582
+#: src/sss_client/pam_sss.c:1644
msgid "Password expired. Change your password now."
msgstr "A jelszava lejárt, változtass meg most."
diff --git a/po/id.po b/po/id.po
index 3bdc37c38..ec82dea0b 100644
--- a/po/id.po
+++ b/po/id.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2015-02-18 16:53+0100\n"
+"POT-Creation-Date: 2015-06-12 10:37+0200\n"
"PO-Revision-Date: 2014-06-04 02:04-0400\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Indonesian (http://www.transifex.com/projects/p/sssd/language/"
@@ -17,7 +17,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=1; plural=0;\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#: src/config/SSSDConfig/__init__.py.in:43
msgid "Set the verbosity of the debug logging"
@@ -103,7 +103,7 @@ msgid "Entry cache background update timeout length (seconds)"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:67
-#: src/config/SSSDConfig/__init__.py.in:96
+#: src/config/SSSDConfig/__init__.py.in:97
msgid "Negative cache timeout length (seconds)"
msgstr ""
@@ -197,1025 +197,1037 @@ msgstr ""
msgid "List of domains accessible even for untrusted users."
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:93
+#: src/config/SSSDConfig/__init__.py.in:91
+msgid "Message printed when user account is expired."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:94
msgid "Whether to evaluate the time-based attributes in sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:99
+#: src/config/SSSDConfig/__init__.py.in:100
msgid "Whether to hash host names and addresses in the known_hosts file"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:100
+#: src/config/SSSDConfig/__init__.py.in:101
msgid ""
"How many seconds to keep a host in the known_hosts file after its host keys "
"were requested"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:103
+#: src/config/SSSDConfig/__init__.py.in:104
msgid "List of UIDs or user names allowed to access the PAC responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:106
+#: src/config/SSSDConfig/__init__.py.in:107
msgid "List of UIDs or user names allowed to access the InfoPipe responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:107
+#: src/config/SSSDConfig/__init__.py.in:108
msgid "List of user attributes the InfoPipe is allowed to publish"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:110
+#: src/config/SSSDConfig/__init__.py.in:111
msgid "Identity provider"
msgstr "Penyedia identitas"
-#: src/config/SSSDConfig/__init__.py.in:111
+#: src/config/SSSDConfig/__init__.py.in:112
msgid "Authentication provider"
msgstr "Penyedia otentikasi"
-#: src/config/SSSDConfig/__init__.py.in:112
+#: src/config/SSSDConfig/__init__.py.in:113
msgid "Access control provider"
msgstr "Penyedia kontrol akses"
-#: src/config/SSSDConfig/__init__.py.in:113
+#: src/config/SSSDConfig/__init__.py.in:114
msgid "Password change provider"
msgstr "Penyedia pengubah kata sandi"
-#: src/config/SSSDConfig/__init__.py.in:114
+#: src/config/SSSDConfig/__init__.py.in:115
msgid "SUDO provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid "Autofs provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "Session-loading provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "Host identity provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Minimum user ID"
msgstr "ID pengguna minimum"
-#: src/config/SSSDConfig/__init__.py.in:121
+#: src/config/SSSDConfig/__init__.py.in:122
msgid "Maximum user ID"
msgstr "ID pengguna maksimum"
-#: src/config/SSSDConfig/__init__.py.in:122
+#: src/config/SSSDConfig/__init__.py.in:123
msgid "Enable enumerating all users/groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:123
+#: src/config/SSSDConfig/__init__.py.in:124
msgid "Cache credentials for offline login"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:124
+#: src/config/SSSDConfig/__init__.py.in:125
msgid "Store password hashes"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:125
+#: src/config/SSSDConfig/__init__.py.in:126
msgid "Display users/groups in fully-qualified form"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Don't include group members in group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:127
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:128
#: src/config/SSSDConfig/__init__.py.in:135
#: src/config/SSSDConfig/__init__.py.in:136
#: src/config/SSSDConfig/__init__.py.in:137
#: src/config/SSSDConfig/__init__.py.in:138
#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Entry cache timeout length (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:128
+#: src/config/SSSDConfig/__init__.py.in:129
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Override GID value from the identity provider with this value"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Treat usernames as case sensitive"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "How often should expired entries be refreshed in background"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:142
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:143
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:143
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "How often to periodically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Whether the nsupdate utility should default to using TCP"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Control enumeration of trusted domains"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "How often should subdomains list be refreshed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:151
+msgid "List of options that should be inherited into a subdomain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "IPA domain"
msgstr "Domain IPA"
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "IPA server address"
msgstr "Alamat server IPA"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "IPA client hostname"
msgstr "Nama host klien IPA"
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:162
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:163
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:168
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Search base for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Objectclass for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Attribute with the name of the view"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Objectclass for override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Attribute with the reference to the original object"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Objectclass for user override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Objectclass for group override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:182
-#: src/config/SSSDConfig/__init__.py.in:357
+#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:360
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Whether to use the Global Catalog for lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Operation mode for GPO-based access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:187
msgid ""
"The amount of time between lookups of the GPO policy files against the AD "
"server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:188
msgid ""
"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy "
"settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid ""
"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight "
"policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid ""
"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid ""
"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid ""
"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "PAM service names for which GPO-based access is always granted"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "PAM service names for which GPO-based access is always denied"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid ""
"Default logon right (or permit/deny) to use for unmapped PAM service names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "a particular site to be used by the client"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Kerberos server address"
msgstr "Alamat server Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "Kerberos realm"
msgstr "Realm Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "Whether to create kdcinfo files"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Where to drop krb5 config snippets"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Enables enterprise principals"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:220
-#: src/config/SSSDConfig/__init__.py.in:221
-msgid "Server where the change password service is running if not on the KDC"
+msgid "A mapping from user names to kerberos principal names"
msgstr ""
+#: src/config/SSSDConfig/__init__.py.in:223
#: src/config/SSSDConfig/__init__.py.in:224
+msgid "Server where the change password service is running if not on the KDC"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:227
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, URI server LDAP"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Jenis Skema yang digunakan pada server LDAP, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Length of time to attempt connection"
msgstr "Lamanya waktu untuk mencoba koneksi"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Lamanya waktu untuk mencoba operasi LDAP yang sinkron"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Length of time between attempts to reconnect while offline"
msgstr "Lamanya waktu antara upaya untuk menyambung kembali saat luring"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:237
+#: src/config/SSSDConfig/__init__.py.in:240
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "Require TLS certificate verification"
msgstr "Membutuhkan verifikasi sertifikat TLS"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Specify the sasl mechanism to use"
msgstr "Tentukan mekanisme sasl yang digunakan"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Specify the sasl authorization id to use"
msgstr "Tentukan id otorisasi sasl yang digunakan"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Kerberos service keytab"
msgstr "Keytab layanan Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Use Kerberos auth for LDAP connection"
msgstr "Gunakan otentikasi Kerberos untuk koneksi LDAP"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "Disable the LDAP paging control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Disable Active Directory range retrieval"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Scope of user lookups"
msgstr "Lingkup pencarian pengguna"
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Filter for user lookups"
msgstr "Filter pencarian pengguna"
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for users"
msgstr "Objectclass untuk pengguna"
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Username attribute"
msgstr "Atribut Nama pengguna"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "UID attribute"
msgstr "Atribut UID"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Primary GID attribute"
msgstr "Atribut GID Primer"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "GECOS attribute"
msgstr "Atribut GECOS"
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Home directory attribute"
msgstr "Atribut direktori Home"
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Shell attribute"
msgstr "Atribut Shell"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
#, fuzzy
msgid "UUID attribute"
msgstr "Atribut UID"
-#: src/config/SSSDConfig/__init__.py.in:282
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "User principal attribute (for Kerberos)"
msgstr "Atribut utama pengguna (untuk Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Full Name"
msgstr "Nama Lengkap"
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "memberOf attribute"
msgstr "Atribut memberOf"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Modification time attribute"
msgstr "Atribut waktu modifikasi"
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:299
+#: src/config/SSSDConfig/__init__.py.in:302
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "A list of extra attributes to download along with the user entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:310
+#: src/config/SSSDConfig/__init__.py.in:313
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
#, fuzzy
msgid "Group UUID attribute"
msgstr "Atribut UID"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Type of the group and other flags"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:344
+#: src/config/SSSDConfig/__init__.py.in:347
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Whether to use Token-Groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Set lower boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Set upper boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "DN for ppolicy queries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:364
+#: src/config/SSSDConfig/__init__.py.in:367
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:365
+#: src/config/SSSDConfig/__init__.py.in:368
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:368
+#: src/config/SSSDConfig/__init__.py.in:371
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:369
+#: src/config/SSSDConfig/__init__.py.in:372
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:370
+#: src/config/SSSDConfig/__init__.py.in:373
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:371
+#: src/config/SSSDConfig/__init__.py.in:374
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:372
+#: src/config/SSSDConfig/__init__.py.in:375
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:373
+#: src/config/SSSDConfig/__init__.py.in:376
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:374
+#: src/config/SSSDConfig/__init__.py.in:377
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:375
+#: src/config/SSSDConfig/__init__.py.in:378
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:376
+#: src/config/SSSDConfig/__init__.py.in:379
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:377
+#: src/config/SSSDConfig/__init__.py.in:380
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:378
+#: src/config/SSSDConfig/__init__.py.in:381
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:379
+#: src/config/SSSDConfig/__init__.py.in:382
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:380
+#: src/config/SSSDConfig/__init__.py.in:383
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:381
+#: src/config/SSSDConfig/__init__.py.in:384
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:382
+#: src/config/SSSDConfig/__init__.py.in:385
msgid "Sudo rule runas attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:383
+#: src/config/SSSDConfig/__init__.py.in:386
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:384
+#: src/config/SSSDConfig/__init__.py.in:387
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:385
+#: src/config/SSSDConfig/__init__.py.in:388
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:386
+#: src/config/SSSDConfig/__init__.py.in:389
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:387
+#: src/config/SSSDConfig/__init__.py.in:390
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:390
+#: src/config/SSSDConfig/__init__.py.in:393
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:391
+#: src/config/SSSDConfig/__init__.py.in:394
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:392
+#: src/config/SSSDConfig/__init__.py.in:395
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:393
+#: src/config/SSSDConfig/__init__.py.in:396
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:394
+#: src/config/SSSDConfig/__init__.py.in:397
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:395
+#: src/config/SSSDConfig/__init__.py.in:398
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:398
+#: src/config/SSSDConfig/__init__.py.in:401
msgid "Comma separated list of allowed users"
msgstr "Daftar pengguna yang diijinkan dalam format yang dipisahkan koma"
-#: src/config/SSSDConfig/__init__.py.in:399
+#: src/config/SSSDConfig/__init__.py.in:402
msgid "Comma separated list of prohibited users"
msgstr "Daftar pengguna yang tidak diijinkan dalam format yang dipisahkan koma"
-#: src/config/SSSDConfig/__init__.py.in:402
+#: src/config/SSSDConfig/__init__.py.in:405
msgid "Default shell, /bin/bash"
msgstr "Shell default, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:403
+#: src/config/SSSDConfig/__init__.py.in:406
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:406
+#: src/config/SSSDConfig/__init__.py.in:409
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:407
+#: src/config/SSSDConfig/__init__.py.in:410
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:410
+#: src/config/SSSDConfig/__init__.py.in:413
msgid "PAM stack to use"
msgstr ""
@@ -1235,26 +1247,26 @@ msgstr ""
msgid "Print version number and exit"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:589
+#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:609
#: src/util/util.h:108
msgid "Debug level"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:591
+#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:611
#: src/util/util.h:114
msgid "Add debug timestamps"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:593
+#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:613
#: src/util/util.h:116
msgid "Show timestamps with microseconds"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:595
+#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:615
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:597
+#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:617
#: src/util/util.h:112
msgid "Send the debug output to stderr directly."
msgstr ""
@@ -1267,99 +1279,104 @@ msgstr ""
msgid "The group to create FAST ccache as"
msgstr ""
-#: src/providers/data_provider_be.c:2833
+#: src/providers/data_provider_be.c:2834
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:969
+#: src/sss_client/common.c:971
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:972
+#: src/sss_client/common.c:974
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:975
+#: src/sss_client/common.c:977
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:978
+#: src/sss_client/common.c:980
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:983
+#: src/sss_client/common.c:985
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:989
+#: src/sss_client/common.c:991
msgid "Unexpected error while looking for an error description"
msgstr ""
-#: src/sss_client/pam_sss.c:398
+#: src/sss_client/pam_sss.c:63
+msgid "Permission denied. "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:64 src/sss_client/pam_sss.c:883
+#: src/sss_client/pam_sss.c:894
+msgid "Server message: "
+msgstr "Pesan server:"
+
+#: src/sss_client/pam_sss.c:401
msgid "Passwords do not match"
msgstr "Kata sandi tidak cocok"
-#: src/sss_client/pam_sss.c:586
+#: src/sss_client/pam_sss.c:589
msgid "Password reset by root is not supported."
msgstr ""
-#: src/sss_client/pam_sss.c:627
+#: src/sss_client/pam_sss.c:630
msgid "Authenticated with cached credentials"
msgstr ""
-#: src/sss_client/pam_sss.c:628
+#: src/sss_client/pam_sss.c:631
msgid ", your cached password will expire at: "
msgstr ""
-#: src/sss_client/pam_sss.c:658
+#: src/sss_client/pam_sss.c:661
#, c-format
msgid "Your password has expired. You have %1$d grace login(s) remaining."
msgstr ""
-#: src/sss_client/pam_sss.c:704
+#: src/sss_client/pam_sss.c:707
#, c-format
msgid "Your password will expire in %1$d %2$s."
msgstr ""
-#: src/sss_client/pam_sss.c:753
+#: src/sss_client/pam_sss.c:756
msgid "Authentication is denied until: "
msgstr ""
-#: src/sss_client/pam_sss.c:774
+#: src/sss_client/pam_sss.c:777
msgid "System is offline, password change not possible"
msgstr "Sistem sedang luring, perubahan kata sandi tidak dimungkinkan"
-#: src/sss_client/pam_sss.c:789
+#: src/sss_client/pam_sss.c:792
msgid ""
"After changing the OTP password, you need to log out and back in order to "
"acquire a ticket"
msgstr ""
-#: src/sss_client/pam_sss.c:820 src/sss_client/pam_sss.c:833
+#: src/sss_client/pam_sss.c:880 src/sss_client/pam_sss.c:893
msgid "Password change failed. "
msgstr "Perubahan kata sandi gagal."
-#: src/sss_client/pam_sss.c:823 src/sss_client/pam_sss.c:834
-msgid "Server message: "
-msgstr "Pesan server:"
-
-#: src/sss_client/pam_sss.c:1274
+#: src/sss_client/pam_sss.c:1336
msgid "New Password: "
msgstr "Kata Sandi Baru: "
-#: src/sss_client/pam_sss.c:1275
+#: src/sss_client/pam_sss.c:1337
msgid "Reenter new Password: "
msgstr "Masukkan lagi kata sandi baru:"
-#: src/sss_client/pam_sss.c:1374
+#: src/sss_client/pam_sss.c:1436
msgid "Password: "
msgstr "Kata sandi:"
-#: src/sss_client/pam_sss.c:1406
+#: src/sss_client/pam_sss.c:1468
msgid "Current Password: "
msgstr "Kata sandi saat ini:"
-#: src/sss_client/pam_sss.c:1582
+#: src/sss_client/pam_sss.c:1644
msgid "Password expired. Change your password now."
msgstr ""
diff --git a/po/it.po b/po/it.po
index 82dd97074..b4c7e8dc1 100644
--- a/po/it.po
+++ b/po/it.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2015-02-18 16:53+0100\n"
+"POT-Creation-Date: 2015-06-12 10:37+0200\n"
"PO-Revision-Date: 2014-06-04 02:04-0400\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Italian (http://www.transifex.com/projects/p/sssd/language/"
@@ -18,7 +18,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#: src/config/SSSDConfig/__init__.py.in:43
msgid "Set the verbosity of the debug logging"
@@ -104,7 +104,7 @@ msgid "Entry cache background update timeout length (seconds)"
msgstr "Durata timeout aggiornamento cache in background (secondi)"
#: src/config/SSSDConfig/__init__.py.in:67
-#: src/config/SSSDConfig/__init__.py.in:96
+#: src/config/SSSDConfig/__init__.py.in:97
msgid "Negative cache timeout length (seconds)"
msgstr "Durata timeout negative cache (secondi)"
@@ -201,1032 +201,1044 @@ msgstr ""
msgid "List of domains accessible even for untrusted users."
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:93
+#: src/config/SSSDConfig/__init__.py.in:91
+msgid "Message printed when user account is expired."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:94
msgid "Whether to evaluate the time-based attributes in sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:99
+#: src/config/SSSDConfig/__init__.py.in:100
msgid "Whether to hash host names and addresses in the known_hosts file"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:100
+#: src/config/SSSDConfig/__init__.py.in:101
msgid ""
"How many seconds to keep a host in the known_hosts file after its host keys "
"were requested"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:103
+#: src/config/SSSDConfig/__init__.py.in:104
msgid "List of UIDs or user names allowed to access the PAC responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:106
+#: src/config/SSSDConfig/__init__.py.in:107
msgid "List of UIDs or user names allowed to access the InfoPipe responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:107
+#: src/config/SSSDConfig/__init__.py.in:108
msgid "List of user attributes the InfoPipe is allowed to publish"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:110
+#: src/config/SSSDConfig/__init__.py.in:111
msgid "Identity provider"
msgstr "Provider di identità"
-#: src/config/SSSDConfig/__init__.py.in:111
+#: src/config/SSSDConfig/__init__.py.in:112
msgid "Authentication provider"
msgstr "Provider di autenticazione"
-#: src/config/SSSDConfig/__init__.py.in:112
+#: src/config/SSSDConfig/__init__.py.in:113
msgid "Access control provider"
msgstr "Provider di access control"
-#: src/config/SSSDConfig/__init__.py.in:113
+#: src/config/SSSDConfig/__init__.py.in:114
msgid "Password change provider"
msgstr "Provider di cambio password"
-#: src/config/SSSDConfig/__init__.py.in:114
+#: src/config/SSSDConfig/__init__.py.in:115
msgid "SUDO provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid "Autofs provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "Session-loading provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "Host identity provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Minimum user ID"
msgstr "ID utente minimo"
-#: src/config/SSSDConfig/__init__.py.in:121
+#: src/config/SSSDConfig/__init__.py.in:122
msgid "Maximum user ID"
msgstr "ID utente massimo"
-#: src/config/SSSDConfig/__init__.py.in:122
+#: src/config/SSSDConfig/__init__.py.in:123
msgid "Enable enumerating all users/groups"
msgstr "Consentire l'enumerazione di tutti gli utenti/gruppi"
-#: src/config/SSSDConfig/__init__.py.in:123
+#: src/config/SSSDConfig/__init__.py.in:124
msgid "Cache credentials for offline login"
msgstr "Salvare in cache le credenziali per login offline"
-#: src/config/SSSDConfig/__init__.py.in:124
+#: src/config/SSSDConfig/__init__.py.in:125
msgid "Store password hashes"
msgstr "Salvare gli hash delle password"
-#: src/config/SSSDConfig/__init__.py.in:125
+#: src/config/SSSDConfig/__init__.py.in:126
msgid "Display users/groups in fully-qualified form"
msgstr "Mostrare utenti/gruppi in formato fully-qualified"
-#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Don't include group members in group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:127
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:128
#: src/config/SSSDConfig/__init__.py.in:135
#: src/config/SSSDConfig/__init__.py.in:136
#: src/config/SSSDConfig/__init__.py.in:137
#: src/config/SSSDConfig/__init__.py.in:138
#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Entry cache timeout length (seconds)"
msgstr "Durata timeout elementi in cache (secondi)"
-#: src/config/SSSDConfig/__init__.py.in:128
+#: src/config/SSSDConfig/__init__.py.in:129
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
"Restringere o preferire una specifica famiglia di indirizzi per l'esecuzione "
"di lookup DNS"
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
"Per quanto tempo tenere in cache gli elementi dopo un login che ha avuto "
"successo (giorni)"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr "Il tempo di attesa per le richieste DNS (secondi)"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Override GID value from the identity provider with this value"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Treat usernames as case sensitive"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "How often should expired entries be refreshed in background"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:142
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:143
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:143
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
"L'interfaccia il cui indirizzo IP dovrebbe essere usato per aggiornamenti "
"DNS dinamici."
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "How often to periodically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Whether the nsupdate utility should default to using TCP"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Control enumeration of trusted domains"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "How often should subdomains list be refreshed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:151
+msgid "List of options that should be inherited into a subdomain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "IPA domain"
msgstr "Dominio IPA"
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "IPA server address"
msgstr "Indirizzo del server IPA"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "IPA client hostname"
msgstr "Hostname del client IPA"
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:162
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:163
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:168
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Search base for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Objectclass for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Attribute with the name of the view"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Objectclass for override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Attribute with the reference to the original object"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Objectclass for user override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Objectclass for group override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:182
-#: src/config/SSSDConfig/__init__.py.in:357
+#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:360
msgid "LDAP filter to determine access privileges"
msgstr "Filtro LDAP per determinare i privilegi di accesso"
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Whether to use the Global Catalog for lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Operation mode for GPO-based access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:187
msgid ""
"The amount of time between lookups of the GPO policy files against the AD "
"server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:188
msgid ""
"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy "
"settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid ""
"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight "
"policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid ""
"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid ""
"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid ""
"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "PAM service names for which GPO-based access is always granted"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "PAM service names for which GPO-based access is always denied"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid ""
"Default logon right (or permit/deny) to use for unmapped PAM service names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "a particular site to be used by the client"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Kerberos server address"
msgstr "Indirizzo del server Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "Kerberos realm"
msgstr "Realm Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Authentication timeout"
msgstr "Timeout di autenticazione"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "Whether to create kdcinfo files"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Where to drop krb5 config snippets"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Directory to store credential caches"
msgstr "Directory in cui salvare le credenziali"
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Location of the user's credential cache"
msgstr "Percorso della cache delle credenziali utente"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Location of the keytab to validate credentials"
msgstr "Percorso del keytab per la validazione delle credenziali"
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Enable credential validation"
msgstr "Abilita la validazione delle credenziali"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Time between two checks for renewal"
msgstr "Intervallo di tempo tra due controlli di rinnovo"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Enables FAST"
msgstr "Abilita FAST"
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Enables enterprise principals"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:220
-#: src/config/SSSDConfig/__init__.py.in:221
+msgid "A mapping from user names to kerberos principal names"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"Server dove viene eseguito il servizio di cambio password, se non nel KDC"
-#: src/config/SSSDConfig/__init__.py.in:224
+#: src/config/SSSDConfig/__init__.py.in:227
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, l'indirizzo del server LDAP"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "The default base DN"
msgstr "Il base DN predefinito"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Lo Schema Type utilizzato dal server LDAP, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "The default bind DN"
msgstr "Il bind DN predefinito"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "The type of the authentication token of the default bind DN"
msgstr "Il tipo di token di autenticazione del bind DN predefinito"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "The authentication token of the default bind DN"
msgstr "Il token di autenticazione del bind DN predefinito"
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Length of time to attempt connection"
msgstr "Durata del tentativo di connessione"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Durata del tentativo di esecuzione di operazioni LDAP sincrone"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Length of time between attempts to reconnect while offline"
msgstr "Durata tra tentativi di riconnessione quando offline"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Use only the upper case for realm names"
msgstr "Usare solo maiuscole per i nomi dei realm"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "File that contains CA certificates"
msgstr "File contenente i certificati CA"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Path to CA certificate directory"
msgstr "Percorso della directory dei cerficati della CA"
-#: src/config/SSSDConfig/__init__.py.in:237
+#: src/config/SSSDConfig/__init__.py.in:240
msgid "File that contains the client certificate"
msgstr "File contenente il certificato client"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "File that contains the client key"
msgstr "File contenente la chiave client"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "List of possible ciphers suites"
msgstr "Lista delle possibili cipher suite"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "Require TLS certificate verification"
msgstr "Richiedere la verifica del certificato TLS"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Specify the sasl mechanism to use"
msgstr "Specificare il meccanismo sasl da usare"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Specify the sasl authorization id to use"
msgstr "Specificare l'id di autorizzazione sasl da usare"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Kerberos service keytab"
msgstr "Keytab del servizio Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Use Kerberos auth for LDAP connection"
msgstr "Usare autorizzazione Kerberos per la connessione LDAP"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Follow LDAP referrals"
msgstr "Seguire i referral LDAP"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "How to dereference aliases"
msgstr "Metodo di deferenziazione degli alias"
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "Disable the LDAP paging control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Disable Active Directory range retrieval"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "Length of time to wait for a search request"
msgstr "Durata attesa per le richieste di ricerca"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Length of time between enumeration updates"
msgstr "Durata tra gli aggiornamenti alle enumeration"
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "Length of time between cache cleanups"
msgstr "Intervallo di tempo per la pulizia cache"
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Require TLS for ID lookups"
msgstr "Richiedere TLS per gli ID lookup"
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Base DN for user lookups"
msgstr "Base DN per i lookup utente"
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Scope of user lookups"
msgstr "Ambito di applicazione dei lookup utente"
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Filter for user lookups"
msgstr "Filtro per i lookup utente"
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for users"
msgstr "Objectclass per gli utenti"
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Username attribute"
msgstr "Attributo del nome utente"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "UID attribute"
msgstr "Attributo UID"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Primary GID attribute"
msgstr "Attributo del GID primario"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "GECOS attribute"
msgstr "Attributo GECOS"
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Home directory attribute"
msgstr "Attributo della home directory"
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Shell attribute"
msgstr "Attributo della shell"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
#, fuzzy
msgid "UUID attribute"
msgstr "Attributo UID"
-#: src/config/SSSDConfig/__init__.py.in:282
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "User principal attribute (for Kerberos)"
msgstr "Attributo user principal (per Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Full Name"
msgstr "Nome completo"
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "memberOf attribute"
msgstr "Attributo memberOf"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Modification time attribute"
msgstr "Attributo data di modifica"
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:299
+#: src/config/SSSDConfig/__init__.py.in:302
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "A list of extra attributes to download along with the user entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:310
+#: src/config/SSSDConfig/__init__.py.in:313
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
#, fuzzy
msgid "Group UUID attribute"
msgstr "Attributo UID"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Type of the group and other flags"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:344
+#: src/config/SSSDConfig/__init__.py.in:347
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Whether to use Token-Groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Set lower boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Set upper boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "DN for ppolicy queries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Policy to evaluate the password expiration"
msgstr "Politica per controllare la scadenza della password"
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:364
+#: src/config/SSSDConfig/__init__.py.in:367
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:365
+#: src/config/SSSDConfig/__init__.py.in:368
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:368
+#: src/config/SSSDConfig/__init__.py.in:371
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:369
+#: src/config/SSSDConfig/__init__.py.in:372
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:370
+#: src/config/SSSDConfig/__init__.py.in:373
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:371
+#: src/config/SSSDConfig/__init__.py.in:374
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:372
+#: src/config/SSSDConfig/__init__.py.in:375
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:373
+#: src/config/SSSDConfig/__init__.py.in:376
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:374
+#: src/config/SSSDConfig/__init__.py.in:377
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:375
+#: src/config/SSSDConfig/__init__.py.in:378
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:376
+#: src/config/SSSDConfig/__init__.py.in:379
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:377
+#: src/config/SSSDConfig/__init__.py.in:380
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:378
+#: src/config/SSSDConfig/__init__.py.in:381
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:379
+#: src/config/SSSDConfig/__init__.py.in:382
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:380
+#: src/config/SSSDConfig/__init__.py.in:383
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:381
+#: src/config/SSSDConfig/__init__.py.in:384
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:382
+#: src/config/SSSDConfig/__init__.py.in:385
msgid "Sudo rule runas attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:383
+#: src/config/SSSDConfig/__init__.py.in:386
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:384
+#: src/config/SSSDConfig/__init__.py.in:387
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:385
+#: src/config/SSSDConfig/__init__.py.in:388
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:386
+#: src/config/SSSDConfig/__init__.py.in:389
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:387
+#: src/config/SSSDConfig/__init__.py.in:390
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:390
+#: src/config/SSSDConfig/__init__.py.in:393
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:391
+#: src/config/SSSDConfig/__init__.py.in:394
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:392
+#: src/config/SSSDConfig/__init__.py.in:395
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:393
+#: src/config/SSSDConfig/__init__.py.in:396
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:394
+#: src/config/SSSDConfig/__init__.py.in:397
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:395
+#: src/config/SSSDConfig/__init__.py.in:398
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:398
+#: src/config/SSSDConfig/__init__.py.in:401
msgid "Comma separated list of allowed users"
msgstr "Lista separata da virgola degli utenti abilitati"
-#: src/config/SSSDConfig/__init__.py.in:399
+#: src/config/SSSDConfig/__init__.py.in:402
msgid "Comma separated list of prohibited users"
msgstr "Lista separata da virgola degli utenti non abilitati"
-#: src/config/SSSDConfig/__init__.py.in:402
+#: src/config/SSSDConfig/__init__.py.in:405
msgid "Default shell, /bin/bash"
msgstr "Shell predefinita, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:403
+#: src/config/SSSDConfig/__init__.py.in:406
msgid "Base for home directories"
msgstr "Base delle home directory"
-#: src/config/SSSDConfig/__init__.py.in:406
+#: src/config/SSSDConfig/__init__.py.in:409
msgid "The name of the NSS library to use"
msgstr "Il nome della libreria NSS da usare"
-#: src/config/SSSDConfig/__init__.py.in:407
+#: src/config/SSSDConfig/__init__.py.in:410
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:410
+#: src/config/SSSDConfig/__init__.py.in:413
msgid "PAM stack to use"
msgstr "Stack PAM da usare"
@@ -1246,26 +1258,26 @@ msgstr "Specificare un file di configurazione specifico"
msgid "Print version number and exit"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:589
+#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:609
#: src/util/util.h:108
msgid "Debug level"
msgstr "Livello debug"
-#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:591
+#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:611
#: src/util/util.h:114
msgid "Add debug timestamps"
msgstr "Includi timestamp di debug"
-#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:593
+#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:613
#: src/util/util.h:116
msgid "Show timestamps with microseconds"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:595
+#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:615
msgid "An open file descriptor for the debug logs"
msgstr "Un descrittore di file aperto per l'output di debug"
-#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:597
+#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:617
#: src/util/util.h:112
msgid "Send the debug output to stderr directly."
msgstr ""
@@ -1278,99 +1290,104 @@ msgstr ""
msgid "The group to create FAST ccache as"
msgstr ""
-#: src/providers/data_provider_be.c:2833
+#: src/providers/data_provider_be.c:2834
msgid "Domain of the information provider (mandatory)"
msgstr "Dominio del provider di informazioni (obbligatorio)"
-#: src/sss_client/common.c:969
+#: src/sss_client/common.c:971
msgid "Privileged socket has wrong ownership or permissions."
msgstr "Il socket privilegiato ha permessi o propritario non validi."
-#: src/sss_client/common.c:972
+#: src/sss_client/common.c:974
msgid "Public socket has wrong ownership or permissions."
msgstr "Il socket pubblico ha permessi o propritario non validi."
-#: src/sss_client/common.c:975
+#: src/sss_client/common.c:977
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:978
+#: src/sss_client/common.c:980
msgid "SSSD is not run by root."
msgstr "SSSD non è eseguito da root."
-#: src/sss_client/common.c:983
+#: src/sss_client/common.c:985
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:989
+#: src/sss_client/common.c:991
msgid "Unexpected error while looking for an error description"
msgstr ""
-#: src/sss_client/pam_sss.c:398
+#: src/sss_client/pam_sss.c:63
+msgid "Permission denied. "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:64 src/sss_client/pam_sss.c:883
+#: src/sss_client/pam_sss.c:894
+msgid "Server message: "
+msgstr "Messaggio del server:"
+
+#: src/sss_client/pam_sss.c:401
msgid "Passwords do not match"
msgstr "Le password non coincidono"
-#: src/sss_client/pam_sss.c:586
+#: src/sss_client/pam_sss.c:589
msgid "Password reset by root is not supported."
msgstr ""
-#: src/sss_client/pam_sss.c:627
+#: src/sss_client/pam_sss.c:630
msgid "Authenticated with cached credentials"
msgstr "Autenticato con le credenziali nella cache"
-#: src/sss_client/pam_sss.c:628
+#: src/sss_client/pam_sss.c:631
msgid ", your cached password will expire at: "
msgstr ", la password in cache scadrà il: "
-#: src/sss_client/pam_sss.c:658
+#: src/sss_client/pam_sss.c:661
#, c-format
msgid "Your password has expired. You have %1$d grace login(s) remaining."
msgstr ""
-#: src/sss_client/pam_sss.c:704
+#: src/sss_client/pam_sss.c:707
#, c-format
msgid "Your password will expire in %1$d %2$s."
msgstr ""
-#: src/sss_client/pam_sss.c:753
+#: src/sss_client/pam_sss.c:756
msgid "Authentication is denied until: "
msgstr "L'autenticazione verrà negata fino al: "
-#: src/sss_client/pam_sss.c:774
+#: src/sss_client/pam_sss.c:777
msgid "System is offline, password change not possible"
msgstr "Il sistema è offline, non è possibile richiedere un cambio password"
-#: src/sss_client/pam_sss.c:789
+#: src/sss_client/pam_sss.c:792
msgid ""
"After changing the OTP password, you need to log out and back in order to "
"acquire a ticket"
msgstr ""
-#: src/sss_client/pam_sss.c:820 src/sss_client/pam_sss.c:833
+#: src/sss_client/pam_sss.c:880 src/sss_client/pam_sss.c:893
msgid "Password change failed. "
msgstr "Cambio password fallito."
-#: src/sss_client/pam_sss.c:823 src/sss_client/pam_sss.c:834
-msgid "Server message: "
-msgstr "Messaggio del server:"
-
-#: src/sss_client/pam_sss.c:1274
+#: src/sss_client/pam_sss.c:1336
msgid "New Password: "
msgstr "Nuova password: "
-#: src/sss_client/pam_sss.c:1275
+#: src/sss_client/pam_sss.c:1337
msgid "Reenter new Password: "
msgstr "Conferma nuova password: "
-#: src/sss_client/pam_sss.c:1374
+#: src/sss_client/pam_sss.c:1436
msgid "Password: "
msgstr "Password: "
-#: src/sss_client/pam_sss.c:1406
+#: src/sss_client/pam_sss.c:1468
msgid "Current Password: "
msgstr "Password corrente: "
-#: src/sss_client/pam_sss.c:1582
+#: src/sss_client/pam_sss.c:1644
msgid "Password expired. Change your password now."
msgstr "Password scaduta. Cambiare la password ora."
diff --git a/po/ja.po b/po/ja.po
index abb17dc66..d7a00a442 100644
--- a/po/ja.po
+++ b/po/ja.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2015-02-18 16:53+0100\n"
+"POT-Creation-Date: 2015-06-12 10:37+0200\n"
"PO-Revision-Date: 2014-06-04 02:04-0400\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Japanese (http://www.transifex.com/projects/p/sssd/language/"
@@ -18,7 +18,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=1; plural=0;\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#: src/config/SSSDConfig/__init__.py.in:43
msgid "Set the verbosity of the debug logging"
@@ -106,7 +106,7 @@ msgid "Entry cache background update timeout length (seconds)"
msgstr "エントリーキャッシュのバックグラウンド更新のタイムアウト時間(秒)"
#: src/config/SSSDConfig/__init__.py.in:67
-#: src/config/SSSDConfig/__init__.py.in:96
+#: src/config/SSSDConfig/__init__.py.in:97
msgid "Negative cache timeout length (seconds)"
msgstr "ネガティブキャッシュのタイムアウト(秒)"
@@ -204,532 +204,544 @@ msgstr ""
msgid "List of domains accessible even for untrusted users."
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:93
+#: src/config/SSSDConfig/__init__.py.in:91
+msgid "Message printed when user account is expired."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:94
msgid "Whether to evaluate the time-based attributes in sudo rules"
msgstr "sudo ルールにおいて時間による属性を評価するかどうか"
-#: src/config/SSSDConfig/__init__.py.in:99
+#: src/config/SSSDConfig/__init__.py.in:100
msgid "Whether to hash host names and addresses in the known_hosts file"
msgstr "known_hosts ファイルにおいてホスト名とアドレスをハッシュ化するかどうか"
-#: src/config/SSSDConfig/__init__.py.in:100
+#: src/config/SSSDConfig/__init__.py.in:101
msgid ""
"How many seconds to keep a host in the known_hosts file after its host keys "
"were requested"
msgstr "ホスト鍵が要求された後 known_hosts ファイルにホストを保持する秒数"
-#: src/config/SSSDConfig/__init__.py.in:103
+#: src/config/SSSDConfig/__init__.py.in:104
msgid "List of UIDs or user names allowed to access the PAC responder"
msgstr "PAC レスポンダーへのアクセスが許可された UID またはユーザー名の一覧"
-#: src/config/SSSDConfig/__init__.py.in:106
+#: src/config/SSSDConfig/__init__.py.in:107
msgid "List of UIDs or user names allowed to access the InfoPipe responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:107
+#: src/config/SSSDConfig/__init__.py.in:108
msgid "List of user attributes the InfoPipe is allowed to publish"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:110
+#: src/config/SSSDConfig/__init__.py.in:111
msgid "Identity provider"
msgstr "アイデンティティプロバイダー"
-#: src/config/SSSDConfig/__init__.py.in:111
+#: src/config/SSSDConfig/__init__.py.in:112
msgid "Authentication provider"
msgstr "認証プロバイダー"
-#: src/config/SSSDConfig/__init__.py.in:112
+#: src/config/SSSDConfig/__init__.py.in:113
msgid "Access control provider"
msgstr "アクセス制御プロバイダー"
-#: src/config/SSSDConfig/__init__.py.in:113
+#: src/config/SSSDConfig/__init__.py.in:114
msgid "Password change provider"
msgstr "パスワード変更プロバイダー"
-#: src/config/SSSDConfig/__init__.py.in:114
+#: src/config/SSSDConfig/__init__.py.in:115
msgid "SUDO provider"
msgstr "SUDO プロバイダー"
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid "Autofs provider"
msgstr "Autofs プロバイダー"
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "Session-loading provider"
msgstr "セッション読み込みプロバイダー"
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "Host identity provider"
msgstr "ホスト識別プロバイダー"
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Minimum user ID"
msgstr "最小ユーザー ID"
-#: src/config/SSSDConfig/__init__.py.in:121
+#: src/config/SSSDConfig/__init__.py.in:122
msgid "Maximum user ID"
msgstr "最大ユーザー ID"
-#: src/config/SSSDConfig/__init__.py.in:122
+#: src/config/SSSDConfig/__init__.py.in:123
msgid "Enable enumerating all users/groups"
msgstr "すべてのユーザー・グループの列挙を有効にする"
-#: src/config/SSSDConfig/__init__.py.in:123
+#: src/config/SSSDConfig/__init__.py.in:124
msgid "Cache credentials for offline login"
msgstr "オフラインログインのためにクレディンシャルをキャッシュする"
-#: src/config/SSSDConfig/__init__.py.in:124
+#: src/config/SSSDConfig/__init__.py.in:125
msgid "Store password hashes"
msgstr "パスワードハッシュを保存する"
-#: src/config/SSSDConfig/__init__.py.in:125
+#: src/config/SSSDConfig/__init__.py.in:126
msgid "Display users/groups in fully-qualified form"
msgstr "ユーザー・グループを完全修飾形式で表示する"
-#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Don't include group members in group lookups"
msgstr "グループ検索にグループメンバーを含めない"
-#: src/config/SSSDConfig/__init__.py.in:127
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:128
#: src/config/SSSDConfig/__init__.py.in:135
#: src/config/SSSDConfig/__init__.py.in:136
#: src/config/SSSDConfig/__init__.py.in:137
#: src/config/SSSDConfig/__init__.py.in:138
#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Entry cache timeout length (seconds)"
msgstr "エントリーキャッシュのタイムアウト長(秒)"
-#: src/config/SSSDConfig/__init__.py.in:128
+#: src/config/SSSDConfig/__init__.py.in:129
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr "DNS 検索を実行するときに特定のアドレスファミリーを制限または優先します"
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "How long to keep cached entries after last successful login (days)"
msgstr "最終ログイン成功時からキャッシュエントリーを保持する日数"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr "サーバーを名前解決するときに DNS から応答を待つ時間(秒)"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "The domain part of service discovery DNS query"
msgstr "サービス検索 DNS クエリーのドメイン部分"
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Override GID value from the identity provider with this value"
msgstr "識別プロバイダーからの GID 値をこの値で上書きする"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Treat usernames as case sensitive"
msgstr "ユーザー名が大文字小文字を区別するよう取り扱う"
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "How often should expired entries be refreshed in background"
msgstr "期限切れのエントリーがバックグラウンドで更新される頻度"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry"
msgstr "自動的にクライアントの DNS エントリーを更新するかどうか"
-#: src/config/SSSDConfig/__init__.py.in:142
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:143
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr "クライアントの DNS 項目を更新後、適用する TTL"
-#: src/config/SSSDConfig/__init__.py.in:143
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr "動的 DNS 更新のために使用される IP のインターフェース"
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "How often to periodically update the client's DNS entry"
msgstr "どのくらい定期的にクライアントの DNS エントリーを更新するか"
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
"プロバイダーが同じように PTR レコードを明示的に更新する必要があるかどうか"
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Whether the nsupdate utility should default to using TCP"
msgstr "nsupdate ユーティリティが標準で TCP を使用するかどうか"
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "What kind of authentication should be used to perform the DNS update"
msgstr "DNS 更新を実行するために使用すべき認証の種類"
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Control enumeration of trusted domains"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "How often should subdomains list be refreshed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:151
+msgid "List of options that should be inherited into a subdomain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "IPA domain"
msgstr "IPA ドメイン"
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "IPA server address"
msgstr "IPA サーバーのアドレス"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Address of backup IPA server"
msgstr "バックアップ IPA サーバーのアドレス"
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "IPA client hostname"
msgstr "IPA クライアントのホスト名"
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr "FreeIPA にあるクライアントの DNS エントリーを自動的に更新するかどうか"
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Search base for HBAC related objects"
msgstr "HBAC 関連オブジェクトの検索ベース"
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:162
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr "IPA サーバーに対する HBAC ルールを検索している間の合計時間"
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:163
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr "IPA サーバーに対する SELinux マップの検索の間の秒単位の合計時間"
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr "DENY ルールが存在すると、DENY_ALL または IGNORE です"
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "If set to false, host argument given by PAM will be ignored"
msgstr "もし偽に設定されていると、 PAM により渡されたホスト引数は無視されます"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "The automounter location this IPA client is using"
msgstr "この IPA クライアントが使用している automounter の場所"
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Search base for object containing info about IPA domain"
msgstr "IPA ドメインに関する情報を含むオブジェクトに対する検索ベース"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Search base for objects containing info about ID ranges"
msgstr "ID 範囲に関する情報を含むオブジェクトに対する検索ベース"
-#: src/config/SSSDConfig/__init__.py.in:167
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "Enable DNS sites - location based service discovery"
msgstr "DNS サイトの有効化 - 位置にサービス探索"
-#: src/config/SSSDConfig/__init__.py.in:168
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Search base for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Objectclass for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Attribute with the name of the view"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Objectclass for override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Attribute with the reference to the original object"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Objectclass for user override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Objectclass for group override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Active Directory domain"
msgstr "Active Directory ドメイン"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Active Directory server address"
msgstr "Active Directory サーバーアドレス"
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Active Directory backup server address"
msgstr "Active Directory バックアップサーバーのアドレス"
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Active Directory client hostname"
msgstr "Active Directory クライアントホスト名"
-#: src/config/SSSDConfig/__init__.py.in:182
-#: src/config/SSSDConfig/__init__.py.in:357
+#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:360
msgid "LDAP filter to determine access privileges"
msgstr "アクセス権限を決めるための LDAP フィルター"
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Whether to use the Global Catalog for lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Operation mode for GPO-based access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:187
msgid ""
"The amount of time between lookups of the GPO policy files against the AD "
"server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:188
msgid ""
"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy "
"settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid ""
"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight "
"policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid ""
"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid ""
"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid ""
"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "PAM service names for which GPO-based access is always granted"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "PAM service names for which GPO-based access is always denied"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid ""
"Default logon right (or permit/deny) to use for unmapped PAM service names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "a particular site to be used by the client"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Kerberos server address"
msgstr "Kerberos サーバーのアドレス"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Kerberos backup server address"
msgstr "Kerberos バックアップサーバーのアドレス"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "Kerberos realm"
msgstr "Kerberos レルム"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Authentication timeout"
msgstr "認証のタイムアウト"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "Whether to create kdcinfo files"
msgstr "kdcinfo ファイルを作成するかどうか"
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Where to drop krb5 config snippets"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Directory to store credential caches"
msgstr "クレディンシャルのキャッシュを保存するディレクトリー"
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Location of the user's credential cache"
msgstr "ユーザーのクレディンシャルキャッシュの位置"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Location of the keytab to validate credentials"
msgstr "クレディンシャルを検証するキーテーブルの場所"
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Enable credential validation"
msgstr "クレディンシャルの検証を有効にする"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Store password if offline for later online authentication"
msgstr "後からオンライン認証するためにオフラインの場合にパスワードを保存します"
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Renewable lifetime of the TGT"
msgstr "更新可能な TGT の有効期間"
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "Lifetime of the TGT"
msgstr "TGT の有効期間"
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Time between two checks for renewal"
msgstr "更新を確認する間隔"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Enables FAST"
msgstr "FAST を有効にする"
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Selects the principal to use for FAST"
msgstr "FAST に使用するプリンシパルを選択する"
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Enables principal canonicalization"
msgstr "プリンシパル正規化を有効にする"
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Enables enterprise principals"
msgstr "エンタープライズ・プリンシパルの有効化"
#: src/config/SSSDConfig/__init__.py.in:220
-#: src/config/SSSDConfig/__init__.py.in:221
+msgid "A mapping from user names to kerberos principal names"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Server where the change password service is running if not on the KDC"
msgstr "KDC になければ、パスワード変更サービスが実行されているサーバー"
-#: src/config/SSSDConfig/__init__.py.in:224
+#: src/config/SSSDConfig/__init__.py.in:227
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, LDAP サーバーの URI"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr "ldap_backup_uri, LDAP サーバーの URI"
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "The default base DN"
msgstr "デフォルトのベース DN"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "LDAP サーバーにおいて使用中のスキーマ形式, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "The default bind DN"
msgstr "デフォルトのバインド DN"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "The type of the authentication token of the default bind DN"
msgstr "デフォルトのバインド DN の認証トークンの種類"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "The authentication token of the default bind DN"
msgstr "デフォルトのバインド DN の認証トークン"
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Length of time to attempt connection"
msgstr "接続を試行する時間"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "LDAP 同期操作を試行する時間"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Length of time between attempts to reconnect while offline"
msgstr "オフラインの間に再接続を試行する時間"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Use only the upper case for realm names"
msgstr "レルム名に対して大文字のみを使用する"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "File that contains CA certificates"
msgstr "CA 証明書を含むファイル"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Path to CA certificate directory"
msgstr "CA 証明書のディレクトリーのパス"
-#: src/config/SSSDConfig/__init__.py.in:237
+#: src/config/SSSDConfig/__init__.py.in:240
msgid "File that contains the client certificate"
msgstr "クライアント証明書を含むファイル"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "File that contains the client key"
msgstr "クライアントの鍵を含むファイル"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "List of possible ciphers suites"
msgstr "利用可能な暗号の一覧"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "Require TLS certificate verification"
msgstr "TLS 証明書の検証を要求する"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Specify the sasl mechanism to use"
msgstr "使用する SASL メカニズムを指定する"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Specify the sasl authorization id to use"
msgstr "使用する SASL 認可 ID を指定する"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "Specify the sasl authorization realm to use"
msgstr "使用する SASL 認可レルムを指定する"
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr "LDAP SASL 認可の最小 SSF を指定する"
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Kerberos service keytab"
msgstr "Kerberos サービスのキーテーブル"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Use Kerberos auth for LDAP connection"
msgstr "LDAP 接続に対して Kerberos 認証を使用する"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Follow LDAP referrals"
msgstr "LDAP リフェラルにしたがう"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "Lifetime of TGT for LDAP connection"
msgstr "LDAP 接続の TGT の有効期間"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "How to dereference aliases"
msgstr "エイリアスを参照解決する方法"
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "Service name for DNS service lookups"
msgstr "DNS サービス検索のサービス名"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "The number of records to retrieve in a single LDAP query"
msgstr "単一の LDAP 問い合わせにおいて取得するレコード数"
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "The number of members that must be missing to trigger a full deref"
msgstr "完全な参照解決を引き起こすために欠けている必要があるメンバーの数"
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
@@ -737,382 +749,382 @@ msgstr ""
"LDAP ライブラリーが SASL バインド中にホスト名を正規化するために逆引きを実行す"
"るかどうか"
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "entryUSN attribute"
msgstr "entryUSN 属性"
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "lastUSN attribute"
msgstr "lastUSN 属性"
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr "LDAP サーバーを切断する前に接続を保持する時間"
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "Disable the LDAP paging control"
msgstr "LDAP ページング制御を無効化する"
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Disable Active Directory range retrieval"
msgstr "Active Directory 範囲の取得の無効化"
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "Length of time to wait for a search request"
msgstr "検索要求を待つ時間"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Length of time to wait for a enumeration request"
msgstr "列挙の要求を待つ時間"
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Length of time between enumeration updates"
msgstr "列挙の更新間隔"
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "Length of time between cache cleanups"
msgstr "キャッシュをクリーンアップする間隔"
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Require TLS for ID lookups"
msgstr "ID 検索に TLS を要求する"
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr "事前設定済み ID の代わりに objectSID の ID マッピングを使用します"
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Base DN for user lookups"
msgstr "ユーザー検索のベース DN"
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Scope of user lookups"
msgstr "ユーザー検索の範囲"
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Filter for user lookups"
msgstr "ユーザー検索のフィルター"
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for users"
msgstr "ユーザーのオブジェクトクラス"
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Username attribute"
msgstr "ユーザー名の属性"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "UID attribute"
msgstr "UID の属性"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Primary GID attribute"
msgstr "プライマリー GID の属性"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "GECOS attribute"
msgstr "GECOS の属性"
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Home directory attribute"
msgstr "ホームディレクトリの属性"
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Shell attribute"
msgstr "シェルの属性"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
#, fuzzy
msgid "UUID attribute"
msgstr "UID の属性"
-#: src/config/SSSDConfig/__init__.py.in:282
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "objectSID attribute"
msgstr "objectSID 属性"
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Active Directory primary group attribute for ID-mapping"
msgstr "ID マッピングの Active Directory プライマリーグループ属性"
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "User principal attribute (for Kerberos)"
msgstr "ユーザープリンシパルの属性(Kerberos 用)"
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Full Name"
msgstr "氏名"
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "memberOf attribute"
msgstr "memberOf 属性"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Modification time attribute"
msgstr "変更日時の属性"
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "shadowLastChange attribute"
msgstr "shadowLastChange 属性"
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "shadowMin attribute"
msgstr "shadowMin 属性"
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "shadowMax attribute"
msgstr "shadowMax 属性"
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "shadowWarning attribute"
msgstr "shadowWarning 属性"
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "shadowInactive attribute"
msgstr "shadowInactive 属性"
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "shadowExpire attribute"
msgstr "shadowExpire 属性"
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "shadowFlag attribute"
msgstr "shadowFlag 属性"
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Attribute listing authorized PAM services"
msgstr "認可された PAM サービスを一覧化する属性"
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Attribute listing authorized server hosts"
msgstr "認可されたサーバーホストを一覧化する属性"
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "krbLastPwdChange attribute"
msgstr "krbLastPwdChange 属性"
-#: src/config/SSSDConfig/__init__.py.in:299
+#: src/config/SSSDConfig/__init__.py.in:302
msgid "krbPasswordExpiration attribute"
msgstr "krbPasswordExpiration 属性"
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Attribute indicating that server side password policies are active"
msgstr "サーバー側パスワードポリシーが有効であることを意味する属性"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "accountExpires attribute of AD"
msgstr "AD の accountExpires 属性"
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "userAccountControl attribute of AD"
msgstr "AD の userAccountControl 属性"
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "nsAccountLock attribute"
msgstr "nsAccountLock 属性"
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "loginDisabled attribute of NDS"
msgstr "NDS の loginDisabled 属性"
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "loginExpirationTime attribute of NDS"
msgstr "NDS の loginExpirationTime 属性"
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "loginAllowedTimeMap attribute of NDS"
msgstr "NDS の loginAllowedTimeMap 属性"
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "SSH public key attribute"
msgstr "SSH 公開鍵の属性"
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "A list of extra attributes to download along with the user entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:310
+#: src/config/SSSDConfig/__init__.py.in:313
msgid "Base DN for group lookups"
msgstr "グループ検索のベース DN"
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Objectclass for groups"
msgstr "グループのオブジェクトクラス"
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Group name"
msgstr "グループ名"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Group password"
msgstr "グループのパスワード"
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "GID attribute"
msgstr "GID 属性"
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "Group member attribute"
msgstr "グループメンバー属性"
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
#, fuzzy
msgid "Group UUID attribute"
msgstr "UID の属性"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Modification time attribute for groups"
msgstr "グループの変更日時の属性"
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Type of the group and other flags"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Maximum nesting level SSSd will follow"
msgstr "SSSd がしたがう最大入れ子レベル"
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for netgroup lookups"
msgstr "ネットグループ検索のベース DN"
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Objectclass for netgroups"
msgstr "ネットグループのオブジェクトクラス"
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Netgroup name"
msgstr "ネットグループ名"
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Netgroups members attribute"
msgstr "ネットグループメンバーの属性"
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Netgroup triple attribute"
msgstr "ネットグループの三つ組の属性"
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Modification time attribute for netgroups"
msgstr "ネットグループの変更日時の属性"
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid "Base DN for service lookups"
msgstr "サービス検索のベース DN"
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Objectclass for services"
msgstr "サービスのオブジェクトクラス"
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Service name attribute"
msgstr "サービス名の属性"
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Service port attribute"
msgstr "サービスポートの属性"
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Service protocol attribute"
msgstr "サービスプロトコルの属性"
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Lower bound for ID-mapping"
msgstr "ID マッピングの下限"
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Upper bound for ID-mapping"
msgstr "ID マッピングの上限"
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Number of IDs for each slice when ID-mapping"
msgstr "ID マッピングするとき、各スライスに対する ID の数"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr "ID マッピングに対する autorid 互換アルゴリズムを使用します"
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Name of the default domain for ID-mapping"
msgstr "ID マッピングに対するデフォルトドメインの名前"
-#: src/config/SSSDConfig/__init__.py.in:344
+#: src/config/SSSDConfig/__init__.py.in:347
msgid "SID of the default domain for ID-mapping"
msgstr "ID マッピングに対するデフォルトドメインの SID"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr "グループ検索のために LDAP_MATCHING_RULE_IN_CHAIN を使用します"
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr "初期グループの検索のために LDAP_MATCHING_RULE_IN_CHAIN を使用します"
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Whether to use Token-Groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Set lower boundary for allowed IDs from the LDAP server"
msgstr "LDAP サーバーから許可される ID の下限の設定"
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Set upper boundary for allowed IDs from the LDAP server"
msgstr "LDAP サーバーから許可される ID の上限の設定"
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "DN for ppolicy queries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Policy to evaluate the password expiration"
msgstr "パスワード失効の評価のポリシー"
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr "どの属性がアカウントが失効しているかを評価するために使用されるか"
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Which rules should be used to evaluate access control"
msgstr "どのルールがアクセス制御を評価するために使用されるか"
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "URI of an LDAP server where password changes are allowed"
msgstr "パスワードの変更が許可される LDAP サーバーの URI"
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr "パスワードの変更が許可されるバックアップ LDAP サーバーの URI"
-#: src/config/SSSDConfig/__init__.py.in:364
+#: src/config/SSSDConfig/__init__.py.in:367
msgid "DNS service name for LDAP password change server"
msgstr "LDAP パスワードの変更サーバーの DNS サービス名"
-#: src/config/SSSDConfig/__init__.py.in:365
+#: src/config/SSSDConfig/__init__.py.in:368
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr "パスワード変更後 ldap_user_shadow_last_change 属性を更新するかどうか"
-#: src/config/SSSDConfig/__init__.py.in:368
+#: src/config/SSSDConfig/__init__.py.in:371
msgid "Base DN for sudo rules lookups"
msgstr "sudo ルール検索のベース DN"
-#: src/config/SSSDConfig/__init__.py.in:369
+#: src/config/SSSDConfig/__init__.py.in:372
msgid "Automatic full refresh period"
msgstr "自動的な完全更新間隔"
-#: src/config/SSSDConfig/__init__.py.in:370
+#: src/config/SSSDConfig/__init__.py.in:373
msgid "Automatic smart refresh period"
msgstr "自動的なスマート更新間隔"
-#: src/config/SSSDConfig/__init__.py.in:371
+#: src/config/SSSDConfig/__init__.py.in:374
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
"ホスト名、IP アドレスおよびネットワークによるフィルタールールを使用するかどう"
"か"
-#: src/config/SSSDConfig/__init__.py.in:372
+#: src/config/SSSDConfig/__init__.py.in:375
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
@@ -1120,118 +1132,118 @@ msgstr ""
"sudo ルールをフィルターするこのマシンのホスト名および/または完全修飾ドメイン"
"名"
-#: src/config/SSSDConfig/__init__.py.in:373
+#: src/config/SSSDConfig/__init__.py.in:376
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
"sudo ルールをフィルターするこのマシンの IPv4 または IPv6 アドレスまたはネット"
"ワーク"
-#: src/config/SSSDConfig/__init__.py.in:374
+#: src/config/SSSDConfig/__init__.py.in:377
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr "ホスト属性にネットワークグループを含むルールを含めるかどうか"
-#: src/config/SSSDConfig/__init__.py.in:375
+#: src/config/SSSDConfig/__init__.py.in:378
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr "ホスト属性に正規表現を含むルールを含めるかどうか"
-#: src/config/SSSDConfig/__init__.py.in:376
+#: src/config/SSSDConfig/__init__.py.in:379
msgid "Object class for sudo rules"
msgstr "sudo ルールのオブジェクトクラス"
-#: src/config/SSSDConfig/__init__.py.in:377
+#: src/config/SSSDConfig/__init__.py.in:380
msgid "Sudo rule name"
msgstr "sudo ルール名"
-#: src/config/SSSDConfig/__init__.py.in:378
+#: src/config/SSSDConfig/__init__.py.in:381
msgid "Sudo rule command attribute"
msgstr "sudo ルールのコマンドの属性"
-#: src/config/SSSDConfig/__init__.py.in:379
+#: src/config/SSSDConfig/__init__.py.in:382
msgid "Sudo rule host attribute"
msgstr "sudo ルールのホストの属性"
-#: src/config/SSSDConfig/__init__.py.in:380
+#: src/config/SSSDConfig/__init__.py.in:383
msgid "Sudo rule user attribute"
msgstr "sudo ルールのユーザーの属性"
-#: src/config/SSSDConfig/__init__.py.in:381
+#: src/config/SSSDConfig/__init__.py.in:384
msgid "Sudo rule option attribute"
msgstr "sudo ルールのオプションの属性"
-#: src/config/SSSDConfig/__init__.py.in:382
+#: src/config/SSSDConfig/__init__.py.in:385
msgid "Sudo rule runas attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:383
+#: src/config/SSSDConfig/__init__.py.in:386
msgid "Sudo rule runasuser attribute"
msgstr "sudo ルールの runasuser の属性"
-#: src/config/SSSDConfig/__init__.py.in:384
+#: src/config/SSSDConfig/__init__.py.in:387
msgid "Sudo rule runasgroup attribute"
msgstr "sudo ルールの runasgroup の属性"
-#: src/config/SSSDConfig/__init__.py.in:385
+#: src/config/SSSDConfig/__init__.py.in:388
msgid "Sudo rule notbefore attribute"
msgstr "sudo ルールの notbefore の属性"
-#: src/config/SSSDConfig/__init__.py.in:386
+#: src/config/SSSDConfig/__init__.py.in:389
msgid "Sudo rule notafter attribute"
msgstr "sudo ルールの notafter の属性"
-#: src/config/SSSDConfig/__init__.py.in:387
+#: src/config/SSSDConfig/__init__.py.in:390
msgid "Sudo rule order attribute"
msgstr "sudo ルールの order の属性"
-#: src/config/SSSDConfig/__init__.py.in:390
+#: src/config/SSSDConfig/__init__.py.in:393
msgid "Object class for automounter maps"
msgstr "automounter マップのオブジェクトクラス"
-#: src/config/SSSDConfig/__init__.py.in:391
+#: src/config/SSSDConfig/__init__.py.in:394
msgid "Automounter map name attribute"
msgstr "オートマウントのマップ名の属性"
-#: src/config/SSSDConfig/__init__.py.in:392
+#: src/config/SSSDConfig/__init__.py.in:395
msgid "Object class for automounter map entries"
msgstr "automounter マップエントリーのオブジェクトクラス"
-#: src/config/SSSDConfig/__init__.py.in:393
+#: src/config/SSSDConfig/__init__.py.in:396
msgid "Automounter map entry key attribute"
msgstr "automounter マップエントリーのキー属性"
-#: src/config/SSSDConfig/__init__.py.in:394
+#: src/config/SSSDConfig/__init__.py.in:397
msgid "Automounter map entry value attribute"
msgstr "automounter マップエントリーの値属性"
-#: src/config/SSSDConfig/__init__.py.in:395
+#: src/config/SSSDConfig/__init__.py.in:398
msgid "Base DN for automounter map lookups"
msgstr "automonter のマップ検索のベース DN"
-#: src/config/SSSDConfig/__init__.py.in:398
+#: src/config/SSSDConfig/__init__.py.in:401
msgid "Comma separated list of allowed users"
msgstr "許可ユーザーのカンマ区切り一覧"
-#: src/config/SSSDConfig/__init__.py.in:399
+#: src/config/SSSDConfig/__init__.py.in:402
msgid "Comma separated list of prohibited users"
msgstr "禁止ユーザーのカンマ区切り一覧"
-#: src/config/SSSDConfig/__init__.py.in:402
+#: src/config/SSSDConfig/__init__.py.in:405
msgid "Default shell, /bin/bash"
msgstr "デフォルトのシェル, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:403
+#: src/config/SSSDConfig/__init__.py.in:406
msgid "Base for home directories"
msgstr "ホームディレクトリーのベース"
-#: src/config/SSSDConfig/__init__.py.in:406
+#: src/config/SSSDConfig/__init__.py.in:409
msgid "The name of the NSS library to use"
msgstr "使用する NSS ライブラリーの名前"
-#: src/config/SSSDConfig/__init__.py.in:407
+#: src/config/SSSDConfig/__init__.py.in:410
msgid "Whether to look up canonical group name from cache if possible"
msgstr "可能ならばキャッシュから正規化されたグループ名を検索するかどうか"
-#: src/config/SSSDConfig/__init__.py.in:410
+#: src/config/SSSDConfig/__init__.py.in:413
msgid "PAM stack to use"
msgstr "使用する PAM スタック"
@@ -1251,26 +1263,26 @@ msgstr "非標準の設定ファイルの指定"
msgid "Print version number and exit"
msgstr "バージョン番号を表示して終了する"
-#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:589
+#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:609
#: src/util/util.h:108
msgid "Debug level"
msgstr "デバッグレベル"
-#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:591
+#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:611
#: src/util/util.h:114
msgid "Add debug timestamps"
msgstr "デバッグのタイムスタンプを追加する"
-#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:593
+#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:613
#: src/util/util.h:116
msgid "Show timestamps with microseconds"
msgstr "タイムスタンプをミリ秒単位で表示する"
-#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:595
+#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:615
msgid "An open file descriptor for the debug logs"
msgstr "デバッグログのオープンファイルディスクリプター"
-#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:597
+#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:617
#: src/util/util.h:112
msgid "Send the debug output to stderr directly."
msgstr ""
@@ -1283,99 +1295,104 @@ msgstr ""
msgid "The group to create FAST ccache as"
msgstr ""
-#: src/providers/data_provider_be.c:2833
+#: src/providers/data_provider_be.c:2834
msgid "Domain of the information provider (mandatory)"
msgstr "情報プロバイダーのドメイン (必須)"
-#: src/sss_client/common.c:969
+#: src/sss_client/common.c:971
msgid "Privileged socket has wrong ownership or permissions."
msgstr "特権ソケットの所有者またはパーミッションが誤っています。"
-#: src/sss_client/common.c:972
+#: src/sss_client/common.c:974
msgid "Public socket has wrong ownership or permissions."
msgstr "公開ソケットの所有者またはパーミッションが誤っています。"
-#: src/sss_client/common.c:975
+#: src/sss_client/common.c:977
msgid "Unexpected format of the server credential message."
msgstr "サーバーのクレディンシャルメッセージの予期しない形式です。"
-#: src/sss_client/common.c:978
+#: src/sss_client/common.c:980
msgid "SSSD is not run by root."
msgstr "SSSD は root により実行されません。"
-#: src/sss_client/common.c:983
+#: src/sss_client/common.c:985
msgid "An error occurred, but no description can be found."
msgstr "エラーが発生しましたが、説明がありませんでした。"
-#: src/sss_client/common.c:989
+#: src/sss_client/common.c:991
msgid "Unexpected error while looking for an error description"
msgstr "エラーの説明を検索中に予期しないエラーが発生しました"
-#: src/sss_client/pam_sss.c:398
+#: src/sss_client/pam_sss.c:63
+msgid "Permission denied. "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:64 src/sss_client/pam_sss.c:883
+#: src/sss_client/pam_sss.c:894
+msgid "Server message: "
+msgstr "サーバーのメッセージ: "
+
+#: src/sss_client/pam_sss.c:401
msgid "Passwords do not match"
msgstr "パスワードが一致しません"
-#: src/sss_client/pam_sss.c:586
+#: src/sss_client/pam_sss.c:589
msgid "Password reset by root is not supported."
msgstr "root によるパスワードのリセットはサポートされません。"
-#: src/sss_client/pam_sss.c:627
+#: src/sss_client/pam_sss.c:630
msgid "Authenticated with cached credentials"
msgstr "キャッシュされているクレディンシャルを用いて認証されました"
-#: src/sss_client/pam_sss.c:628
+#: src/sss_client/pam_sss.c:631
msgid ", your cached password will expire at: "
msgstr "、キャッシュされたパスワードが失効します: "
-#: src/sss_client/pam_sss.c:658
+#: src/sss_client/pam_sss.c:661
#, c-format
msgid "Your password has expired. You have %1$d grace login(s) remaining."
msgstr "パスワードの期限が切れています。あと %1$d 回ログインできます。"
-#: src/sss_client/pam_sss.c:704
+#: src/sss_client/pam_sss.c:707
#, c-format
msgid "Your password will expire in %1$d %2$s."
msgstr "あなたのパスワードは %1$d %2$s に危険が切れます。"
-#: src/sss_client/pam_sss.c:753
+#: src/sss_client/pam_sss.c:756
msgid "Authentication is denied until: "
msgstr "次まで認証が拒否されます: "
-#: src/sss_client/pam_sss.c:774
+#: src/sss_client/pam_sss.c:777
msgid "System is offline, password change not possible"
msgstr "システムがオフラインです、パスワード変更ができません"
-#: src/sss_client/pam_sss.c:789
+#: src/sss_client/pam_sss.c:792
msgid ""
"After changing the OTP password, you need to log out and back in order to "
"acquire a ticket"
msgstr ""
-#: src/sss_client/pam_sss.c:820 src/sss_client/pam_sss.c:833
+#: src/sss_client/pam_sss.c:880 src/sss_client/pam_sss.c:893
msgid "Password change failed. "
msgstr "パスワードの変更に失敗しました。 "
-#: src/sss_client/pam_sss.c:823 src/sss_client/pam_sss.c:834
-msgid "Server message: "
-msgstr "サーバーのメッセージ: "
-
-#: src/sss_client/pam_sss.c:1274
+#: src/sss_client/pam_sss.c:1336
msgid "New Password: "
msgstr "新しいパスワード: "
-#: src/sss_client/pam_sss.c:1275
+#: src/sss_client/pam_sss.c:1337
msgid "Reenter new Password: "
msgstr "新しいパスワードの再入力: "
-#: src/sss_client/pam_sss.c:1374
+#: src/sss_client/pam_sss.c:1436
msgid "Password: "
msgstr "パスワード: "
-#: src/sss_client/pam_sss.c:1406
+#: src/sss_client/pam_sss.c:1468
msgid "Current Password: "
msgstr "現在のパスワード: "
-#: src/sss_client/pam_sss.c:1582
+#: src/sss_client/pam_sss.c:1644
msgid "Password expired. Change your password now."
msgstr "パスワードの期限が切れました。いますぐパスワードを変更してください。"
diff --git a/po/nb.po b/po/nb.po
index 6b6d74e80..3ab652c3e 100644
--- a/po/nb.po
+++ b/po/nb.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2015-02-18 16:53+0100\n"
+"POT-Creation-Date: 2015-06-12 10:37+0200\n"
"PO-Revision-Date: 2014-06-04 02:04-0400\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Norwegian Bokmål (http://www.transifex.com/projects/p/sssd/"
@@ -18,7 +18,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#: src/config/SSSDConfig/__init__.py.in:43
msgid "Set the verbosity of the debug logging"
@@ -104,7 +104,7 @@ msgid "Entry cache background update timeout length (seconds)"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:67
-#: src/config/SSSDConfig/__init__.py.in:96
+#: src/config/SSSDConfig/__init__.py.in:97
msgid "Negative cache timeout length (seconds)"
msgstr ""
@@ -198,1023 +198,1035 @@ msgstr ""
msgid "List of domains accessible even for untrusted users."
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:93
+#: src/config/SSSDConfig/__init__.py.in:91
+msgid "Message printed when user account is expired."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:94
msgid "Whether to evaluate the time-based attributes in sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:99
+#: src/config/SSSDConfig/__init__.py.in:100
msgid "Whether to hash host names and addresses in the known_hosts file"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:100
+#: src/config/SSSDConfig/__init__.py.in:101
msgid ""
"How many seconds to keep a host in the known_hosts file after its host keys "
"were requested"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:103
+#: src/config/SSSDConfig/__init__.py.in:104
msgid "List of UIDs or user names allowed to access the PAC responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:106
+#: src/config/SSSDConfig/__init__.py.in:107
msgid "List of UIDs or user names allowed to access the InfoPipe responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:107
+#: src/config/SSSDConfig/__init__.py.in:108
msgid "List of user attributes the InfoPipe is allowed to publish"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:110
+#: src/config/SSSDConfig/__init__.py.in:111
msgid "Identity provider"
msgstr "Identitetstilbyder"
-#: src/config/SSSDConfig/__init__.py.in:111
+#: src/config/SSSDConfig/__init__.py.in:112
msgid "Authentication provider"
msgstr "Autentiseringstilbyder"
-#: src/config/SSSDConfig/__init__.py.in:112
+#: src/config/SSSDConfig/__init__.py.in:113
msgid "Access control provider"
msgstr "Tilgangskontrolltilbyder"
-#: src/config/SSSDConfig/__init__.py.in:113
+#: src/config/SSSDConfig/__init__.py.in:114
msgid "Password change provider"
msgstr "Passordbyttetilbyder"
-#: src/config/SSSDConfig/__init__.py.in:114
+#: src/config/SSSDConfig/__init__.py.in:115
msgid "SUDO provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid "Autofs provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "Session-loading provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "Host identity provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Minimum user ID"
msgstr "Minste bruker-ID"
-#: src/config/SSSDConfig/__init__.py.in:121
+#: src/config/SSSDConfig/__init__.py.in:122
msgid "Maximum user ID"
msgstr "Største bruker-ID"
-#: src/config/SSSDConfig/__init__.py.in:122
+#: src/config/SSSDConfig/__init__.py.in:123
msgid "Enable enumerating all users/groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:123
+#: src/config/SSSDConfig/__init__.py.in:124
msgid "Cache credentials for offline login"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:124
+#: src/config/SSSDConfig/__init__.py.in:125
msgid "Store password hashes"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:125
+#: src/config/SSSDConfig/__init__.py.in:126
msgid "Display users/groups in fully-qualified form"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Don't include group members in group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:127
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:128
#: src/config/SSSDConfig/__init__.py.in:135
#: src/config/SSSDConfig/__init__.py.in:136
#: src/config/SSSDConfig/__init__.py.in:137
#: src/config/SSSDConfig/__init__.py.in:138
#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Entry cache timeout length (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:128
+#: src/config/SSSDConfig/__init__.py.in:129
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Override GID value from the identity provider with this value"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Treat usernames as case sensitive"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "How often should expired entries be refreshed in background"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:142
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:143
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:143
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "How often to periodically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Whether the nsupdate utility should default to using TCP"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Control enumeration of trusted domains"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "How often should subdomains list be refreshed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:151
+msgid "List of options that should be inherited into a subdomain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "IPA domain"
msgstr "IPA-domene"
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "IPA server address"
msgstr "IPA-tjeneradresse"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "IPA client hostname"
msgstr "Vertsnavn for IPA-klient"
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:162
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:163
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:168
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Search base for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Objectclass for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Attribute with the name of the view"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Objectclass for override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Attribute with the reference to the original object"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Objectclass for user override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Objectclass for group override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:182
-#: src/config/SSSDConfig/__init__.py.in:357
+#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:360
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Whether to use the Global Catalog for lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Operation mode for GPO-based access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:187
msgid ""
"The amount of time between lookups of the GPO policy files against the AD "
"server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:188
msgid ""
"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy "
"settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid ""
"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight "
"policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid ""
"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid ""
"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid ""
"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "PAM service names for which GPO-based access is always granted"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "PAM service names for which GPO-based access is always denied"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid ""
"Default logon right (or permit/deny) to use for unmapped PAM service names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "a particular site to be used by the client"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Kerberos server address"
msgstr "Tjeneradresse for Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "Kerberos realm"
msgstr "Kerberos-område"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Authentication timeout"
msgstr "Tidsavbrudd for autentisering"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "Whether to create kdcinfo files"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Where to drop krb5 config snippets"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Enables enterprise principals"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:220
-#: src/config/SSSDConfig/__init__.py.in:221
-msgid "Server where the change password service is running if not on the KDC"
+msgid "A mapping from user names to kerberos principal names"
msgstr ""
+#: src/config/SSSDConfig/__init__.py.in:223
#: src/config/SSSDConfig/__init__.py.in:224
+msgid "Server where the change password service is running if not on the KDC"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:227
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:237
+#: src/config/SSSDConfig/__init__.py.in:240
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "Require TLS certificate verification"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "Disable the LDAP paging control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Disable Active Directory range retrieval"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "UID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "GECOS attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Shell attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:282
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Full Name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:299
+#: src/config/SSSDConfig/__init__.py.in:302
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "A list of extra attributes to download along with the user entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:310
+#: src/config/SSSDConfig/__init__.py.in:313
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Type of the group and other flags"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:344
+#: src/config/SSSDConfig/__init__.py.in:347
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Whether to use Token-Groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Set lower boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Set upper boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "DN for ppolicy queries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:364
+#: src/config/SSSDConfig/__init__.py.in:367
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:365
+#: src/config/SSSDConfig/__init__.py.in:368
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:368
+#: src/config/SSSDConfig/__init__.py.in:371
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:369
+#: src/config/SSSDConfig/__init__.py.in:372
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:370
+#: src/config/SSSDConfig/__init__.py.in:373
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:371
+#: src/config/SSSDConfig/__init__.py.in:374
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:372
+#: src/config/SSSDConfig/__init__.py.in:375
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:373
+#: src/config/SSSDConfig/__init__.py.in:376
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:374
+#: src/config/SSSDConfig/__init__.py.in:377
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:375
+#: src/config/SSSDConfig/__init__.py.in:378
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:376
+#: src/config/SSSDConfig/__init__.py.in:379
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:377
+#: src/config/SSSDConfig/__init__.py.in:380
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:378
+#: src/config/SSSDConfig/__init__.py.in:381
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:379
+#: src/config/SSSDConfig/__init__.py.in:382
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:380
+#: src/config/SSSDConfig/__init__.py.in:383
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:381
+#: src/config/SSSDConfig/__init__.py.in:384
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:382
+#: src/config/SSSDConfig/__init__.py.in:385
msgid "Sudo rule runas attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:383
+#: src/config/SSSDConfig/__init__.py.in:386
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:384
+#: src/config/SSSDConfig/__init__.py.in:387
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:385
+#: src/config/SSSDConfig/__init__.py.in:388
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:386
+#: src/config/SSSDConfig/__init__.py.in:389
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:387
+#: src/config/SSSDConfig/__init__.py.in:390
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:390
+#: src/config/SSSDConfig/__init__.py.in:393
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:391
+#: src/config/SSSDConfig/__init__.py.in:394
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:392
+#: src/config/SSSDConfig/__init__.py.in:395
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:393
+#: src/config/SSSDConfig/__init__.py.in:396
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:394
+#: src/config/SSSDConfig/__init__.py.in:397
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:395
+#: src/config/SSSDConfig/__init__.py.in:398
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:398
+#: src/config/SSSDConfig/__init__.py.in:401
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:399
+#: src/config/SSSDConfig/__init__.py.in:402
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:402
+#: src/config/SSSDConfig/__init__.py.in:405
msgid "Default shell, /bin/bash"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:403
+#: src/config/SSSDConfig/__init__.py.in:406
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:406
+#: src/config/SSSDConfig/__init__.py.in:409
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:407
+#: src/config/SSSDConfig/__init__.py.in:410
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:410
+#: src/config/SSSDConfig/__init__.py.in:413
msgid "PAM stack to use"
msgstr ""
@@ -1234,26 +1246,26 @@ msgstr ""
msgid "Print version number and exit"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:589
+#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:609
#: src/util/util.h:108
msgid "Debug level"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:591
+#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:611
#: src/util/util.h:114
msgid "Add debug timestamps"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:593
+#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:613
#: src/util/util.h:116
msgid "Show timestamps with microseconds"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:595
+#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:615
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:597
+#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:617
#: src/util/util.h:112
msgid "Send the debug output to stderr directly."
msgstr ""
@@ -1266,99 +1278,104 @@ msgstr ""
msgid "The group to create FAST ccache as"
msgstr ""
-#: src/providers/data_provider_be.c:2833
+#: src/providers/data_provider_be.c:2834
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:969
+#: src/sss_client/common.c:971
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:972
+#: src/sss_client/common.c:974
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:975
+#: src/sss_client/common.c:977
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:978
+#: src/sss_client/common.c:980
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:983
+#: src/sss_client/common.c:985
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:989
+#: src/sss_client/common.c:991
msgid "Unexpected error while looking for an error description"
msgstr ""
-#: src/sss_client/pam_sss.c:398
+#: src/sss_client/pam_sss.c:63
+msgid "Permission denied. "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:64 src/sss_client/pam_sss.c:883
+#: src/sss_client/pam_sss.c:894
+msgid "Server message: "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:401
msgid "Passwords do not match"
msgstr ""
-#: src/sss_client/pam_sss.c:586
+#: src/sss_client/pam_sss.c:589
msgid "Password reset by root is not supported."
msgstr ""
-#: src/sss_client/pam_sss.c:627
+#: src/sss_client/pam_sss.c:630
msgid "Authenticated with cached credentials"
msgstr ""
-#: src/sss_client/pam_sss.c:628
+#: src/sss_client/pam_sss.c:631
msgid ", your cached password will expire at: "
msgstr ""
-#: src/sss_client/pam_sss.c:658
+#: src/sss_client/pam_sss.c:661
#, c-format
msgid "Your password has expired. You have %1$d grace login(s) remaining."
msgstr ""
-#: src/sss_client/pam_sss.c:704
+#: src/sss_client/pam_sss.c:707
#, c-format
msgid "Your password will expire in %1$d %2$s."
msgstr ""
-#: src/sss_client/pam_sss.c:753
+#: src/sss_client/pam_sss.c:756
msgid "Authentication is denied until: "
msgstr ""
-#: src/sss_client/pam_sss.c:774
+#: src/sss_client/pam_sss.c:777
msgid "System is offline, password change not possible"
msgstr ""
-#: src/sss_client/pam_sss.c:789
+#: src/sss_client/pam_sss.c:792
msgid ""
"After changing the OTP password, you need to log out and back in order to "
"acquire a ticket"
msgstr ""
-#: src/sss_client/pam_sss.c:820 src/sss_client/pam_sss.c:833
+#: src/sss_client/pam_sss.c:880 src/sss_client/pam_sss.c:893
msgid "Password change failed. "
msgstr ""
-#: src/sss_client/pam_sss.c:823 src/sss_client/pam_sss.c:834
-msgid "Server message: "
-msgstr ""
-
-#: src/sss_client/pam_sss.c:1274
+#: src/sss_client/pam_sss.c:1336
msgid "New Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1275
+#: src/sss_client/pam_sss.c:1337
msgid "Reenter new Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1374
+#: src/sss_client/pam_sss.c:1436
msgid "Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1406
+#: src/sss_client/pam_sss.c:1468
msgid "Current Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1582
+#: src/sss_client/pam_sss.c:1644
msgid "Password expired. Change your password now."
msgstr ""
diff --git a/po/nl.po b/po/nl.po
index d1e98ba2e..e8aa7e5ef 100644
--- a/po/nl.po
+++ b/po/nl.po
@@ -13,7 +13,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2015-02-18 16:53+0100\n"
+"POT-Creation-Date: 2015-06-12 10:37+0200\n"
"PO-Revision-Date: 2014-06-04 02:04-0400\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Dutch (http://www.transifex.com/projects/p/sssd/language/"
@@ -23,7 +23,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#: src/config/SSSDConfig/__init__.py.in:43
msgid "Set the verbosity of the debug logging"
@@ -114,7 +114,7 @@ msgid "Entry cache background update timeout length (seconds)"
msgstr "Entry cache achtergrond update timeout duur (in seconden)"
#: src/config/SSSDConfig/__init__.py.in:67
-#: src/config/SSSDConfig/__init__.py.in:96
+#: src/config/SSSDConfig/__init__.py.in:97
msgid "Negative cache timeout length (seconds)"
msgstr "Negatieve cache timeout duur (in seconden)"
@@ -221,17 +221,21 @@ msgstr ""
msgid "List of domains accessible even for untrusted users."
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:93
+#: src/config/SSSDConfig/__init__.py.in:91
+msgid "Message printed when user account is expired."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:94
msgid "Whether to evaluate the time-based attributes in sudo rules"
msgstr ""
"Of de tijd-gebaseerde attributen in sudo regels moeten worden geëvalueerd"
-#: src/config/SSSDConfig/__init__.py.in:99
+#: src/config/SSSDConfig/__init__.py.in:100
msgid "Whether to hash host names and addresses in the known_hosts file"
msgstr ""
"Moeten host namen en adressen gehashd worden in het known_hosts bestand"
-#: src/config/SSSDConfig/__init__.py.in:100
+#: src/config/SSSDConfig/__init__.py.in:101
msgid ""
"How many seconds to keep a host in the known_hosts file after its host keys "
"were requested"
@@ -239,200 +243,204 @@ msgstr ""
"Hoeveel seconden moet een host in het known_hosts bestand blijven nadat de "
"host sleutels ervan werden aangevraagd"
-#: src/config/SSSDConfig/__init__.py.in:103
+#: src/config/SSSDConfig/__init__.py.in:104
msgid "List of UIDs or user names allowed to access the PAC responder"
msgstr ""
"Lijst met UID's of gebruikersnamen waarvoor toegang tot de PAC responder "
"toegestaan is"
-#: src/config/SSSDConfig/__init__.py.in:106
+#: src/config/SSSDConfig/__init__.py.in:107
msgid "List of UIDs or user names allowed to access the InfoPipe responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:107
+#: src/config/SSSDConfig/__init__.py.in:108
msgid "List of user attributes the InfoPipe is allowed to publish"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:110
+#: src/config/SSSDConfig/__init__.py.in:111
msgid "Identity provider"
msgstr "Identiteitaanbieder"
-#: src/config/SSSDConfig/__init__.py.in:111
+#: src/config/SSSDConfig/__init__.py.in:112
msgid "Authentication provider"
msgstr "Authentiecatieaanbieder"
-#: src/config/SSSDConfig/__init__.py.in:112
+#: src/config/SSSDConfig/__init__.py.in:113
msgid "Access control provider"
msgstr "Toegangscontroleaanbieder"
-#: src/config/SSSDConfig/__init__.py.in:113
+#: src/config/SSSDConfig/__init__.py.in:114
msgid "Password change provider"
msgstr "Wachtwoordwijzigingsaanbieder"
-#: src/config/SSSDConfig/__init__.py.in:114
+#: src/config/SSSDConfig/__init__.py.in:115
msgid "SUDO provider"
msgstr "SUDO provider"
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid "Autofs provider"
msgstr "Autofs provider"
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "Session-loading provider"
msgstr "Session-loading provider"
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "Host identity provider"
msgstr "Host identity provider"
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Minimum user ID"
msgstr "Minimum gebruiker ID"
-#: src/config/SSSDConfig/__init__.py.in:121
+#: src/config/SSSDConfig/__init__.py.in:122
msgid "Maximum user ID"
msgstr "Maximum gebruiker ID"
-#: src/config/SSSDConfig/__init__.py.in:122
+#: src/config/SSSDConfig/__init__.py.in:123
msgid "Enable enumerating all users/groups"
msgstr "Schakel enumeratie van alle gebruikers/groepen"
-#: src/config/SSSDConfig/__init__.py.in:123
+#: src/config/SSSDConfig/__init__.py.in:124
msgid "Cache credentials for offline login"
msgstr "Cache inloggegevens voor offline gebruik"
-#: src/config/SSSDConfig/__init__.py.in:124
+#: src/config/SSSDConfig/__init__.py.in:125
msgid "Store password hashes"
msgstr "Sla vingerafdrukken van wachtwoorden op"
-#: src/config/SSSDConfig/__init__.py.in:125
+#: src/config/SSSDConfig/__init__.py.in:126
msgid "Display users/groups in fully-qualified form"
msgstr "Laat gebruikers/groepen in volledige vorm zien"
-#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Don't include group members in group lookups"
msgstr "Neem groepsleden niet mee in groep zoekacties"
-#: src/config/SSSDConfig/__init__.py.in:127
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:128
#: src/config/SSSDConfig/__init__.py.in:135
#: src/config/SSSDConfig/__init__.py.in:136
#: src/config/SSSDConfig/__init__.py.in:137
#: src/config/SSSDConfig/__init__.py.in:138
#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Entry cache timeout length (seconds)"
msgstr "Entry cache timeout duur (in seconden)"
-#: src/config/SSSDConfig/__init__.py.in:128
+#: src/config/SSSDConfig/__init__.py.in:129
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
"Beperk of geef de voorkeur aan een specifieke adresfamilie wanneer er DNS-"
"lookups uitgevoerd worden"
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
"Hoe lang blijven gegevens opgeslagen na een succesvolle login (in dagen)"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
"Hoe lang te wachten op antwoord van de DSN bij het opzoeken van servers (in "
"seconden)"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "The domain part of service discovery DNS query"
msgstr "Het domeingedeelte van DNS queries die service discovery uitvoeren"
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Override GID value from the identity provider with this value"
msgstr "Overschrijf GID waarde van de identiteit aanbieder met deze waarde"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Treat usernames as case sensitive"
msgstr "Behandel gebruikersnamen als hoofdlettergevoelig"
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "How often should expired entries be refreshed in background"
msgstr "Hoe vaak moeten verlopen ingangen op de achtergrond ververst worden"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry"
msgstr "Of de DNS ingang van de cliënt automatisch vernieuwd moet worden"
-#: src/config/SSSDConfig/__init__.py.in:142
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:143
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
"De TTL die toegepast moet worden op de DNS ingang van de cliënt na het "
"vernieuwen hiervan"
-#: src/config/SSSDConfig/__init__.py.in:143
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
"De adapter wiens IP-adres gebruikt moet worden voor het dynamisch bijwerken "
"van de DNS"
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "How often to periodically update the client's DNS entry"
msgstr "Hoe vaak de DNS ingang van de client periodiek vernieuwd moet worden"
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr "Of de provider ook de PTR record expliciet moet vernieuwen"
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Whether the nsupdate utility should default to using TCP"
msgstr "Of het nsupdate hulpprogramma standaard TCP moet gebruiken"
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
"Welke soort authenticatie moet gebruikt worden om de DNS vernieuwing uit te "
"voeren"
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Control enumeration of trusted domains"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "How often should subdomains list be refreshed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:151
+msgid "List of options that should be inherited into a subdomain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "IPA domain"
msgstr "IPA-domein"
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "IPA server address"
msgstr "IPA-serveradres"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Address of backup IPA server"
msgstr "Adres van back-up IPA server"
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "IPA client hostname"
msgstr "IPA-clienthostname"
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
"Of de DNS-gegevens van de client automatisch bijgewerkt moeten worden in "
"FreeIPA"
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Search base for HBAC related objects"
msgstr "Zoek basis voor HBAC gerelateerde objecten"
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:162
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr "De tijdsduur tussen het opzoeken van HBAC regels voor de IPA server"
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:163
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
@@ -440,343 +448,347 @@ msgstr ""
"De tijdsduur in seconden tussen zoekopdrachten in de SELinux mappen voor de "
"IPA server"
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr "Als DENY regels aanwezig zijn, dat DENY_ALL of IGNORE"
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
"Als dit op false ingesteld is, wordt het host argument gegeven door PAM "
"genegeerd"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "The automounter location this IPA client is using"
msgstr "De automounter locatie die door deze IPA client wordt gebruikt"
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Search base for object containing info about IPA domain"
msgstr "Zoek in base voor object die info over IPA domein bevat "
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Search base for objects containing info about ID ranges"
msgstr "Zoek in base voor objecten die info over ID bereiken bevat"
-#: src/config/SSSDConfig/__init__.py.in:167
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "Enable DNS sites - location based service discovery"
msgstr "Zet DNS sites aan - locatie gebaseerde service ontdekking"
-#: src/config/SSSDConfig/__init__.py.in:168
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Search base for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Objectclass for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Attribute with the name of the view"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Objectclass for override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Attribute with the reference to the original object"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Objectclass for user override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Objectclass for group override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Active Directory domain"
msgstr "Active Directory domein"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Active Directory server address"
msgstr "Active Directory server adres"
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Active Directory backup server address"
msgstr "Active Directory back-up server adres"
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Active Directory client hostname"
msgstr "Active Directory cliënt hostnaam"
-#: src/config/SSSDConfig/__init__.py.in:182
-#: src/config/SSSDConfig/__init__.py.in:357
+#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:360
msgid "LDAP filter to determine access privileges"
msgstr "LDAP-filter om toegangsprivileges mee te bepalen"
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Whether to use the Global Catalog for lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Operation mode for GPO-based access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:187
msgid ""
"The amount of time between lookups of the GPO policy files against the AD "
"server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:188
msgid ""
"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy "
"settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid ""
"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight "
"policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid ""
"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid ""
"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid ""
"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "PAM service names for which GPO-based access is always granted"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "PAM service names for which GPO-based access is always denied"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid ""
"Default logon right (or permit/deny) to use for unmapped PAM service names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "a particular site to be used by the client"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Kerberos server address"
msgstr "Kerberos-serveradres"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Kerberos backup server address"
msgstr "Kerberos back-up server adres"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "Kerberos realm"
msgstr "Kerberos-rijk"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Authentication timeout"
msgstr "Authenticatie timeout"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "Whether to create kdcinfo files"
msgstr "Moeten kdcinfo bestanden aangemaakt worden"
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Where to drop krb5 config snippets"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Directory to store credential caches"
msgstr "Werkmap waar authenticatiegegevens opgeslagen worden"
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Location of the user's credential cache"
msgstr "Locatie van de authenticatiecache van de gebruiker"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Location of the keytab to validate credentials"
msgstr "Locatie van de keytab om authenticatiegegevens te valideren"
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Enable credential validation"
msgstr "Schakel authenticatiegegevensvalidatie in"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Store password if offline for later online authentication"
msgstr ""
"Sla het wachtwoord op indien offline voor later gebruik bij online "
"authenticatie"
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Renewable lifetime of the TGT"
msgstr "Vernieuwbare levensduur van de TGT"
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "Lifetime of the TGT"
msgstr "Levensduur van de TGT"
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Time between two checks for renewal"
msgstr "Tijd tussen twee checks voor vernieuwing"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Enables FAST"
msgstr "Zet FAST aan"
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Selects the principal to use for FAST"
msgstr "Selecteert de hoofdpersoon te gebruiken voor FAST "
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Enables principal canonicalization"
msgstr "Zet hoofdpersoon sanctioneren aan"
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Enables enterprise principals"
msgstr "Zet enterprise principals aan"
#: src/config/SSSDConfig/__init__.py.in:220
-#: src/config/SSSDConfig/__init__.py.in:221
+msgid "A mapping from user names to kerberos principal names"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"Server waar het wachtwoord wijzigingsservice draait indien niet op de KDC"
-#: src/config/SSSDConfig/__init__.py.in:224
+#: src/config/SSSDConfig/__init__.py.in:227
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, de URI van de LDAP server"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr "ldap_backup_uri, De URI van de LDAP server"
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "The default base DN"
msgstr "De standaard base DN"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Het schema type wat gebruikt wordt op de LDAP server, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "The default bind DN"
msgstr "De standaard bind DN"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "The type of the authentication token of the default bind DN"
msgstr "Het type authenticatietoken van de standaard bind DN"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "The authentication token of the default bind DN"
msgstr "Het authenticatietoken van de standaard bind DN"
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Length of time to attempt connection"
msgstr "Hoe lang pogen te verbinden"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Hoe lang proberen synchroon LDAP te benaderen"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
"Duur tussen pogingen om de verbinding opnieuw tot stand te brengen tijdens "
"offline zijn"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Use only the upper case for realm names"
msgstr "Gebruik alleen hoofdletters voor gebiedsnamen"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "File that contains CA certificates"
msgstr "Bestand dat de bekende CA-certificaten bevat"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Path to CA certificate directory"
msgstr "Pad naar de CA-certificatenmap"
-#: src/config/SSSDConfig/__init__.py.in:237
+#: src/config/SSSDConfig/__init__.py.in:240
msgid "File that contains the client certificate"
msgstr "Bestand dat het client certificaat bevat"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "File that contains the client key"
msgstr "Bestand dat de client sleutel bevat"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "List of possible ciphers suites"
msgstr "Lijst van mogelijke sleutel suites"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "Require TLS certificate verification"
msgstr "Vereis verificatie van het TLS-certificaat"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Specify the sasl mechanism to use"
msgstr "Geef het SASL-mechanisme op wat gebruikt moet worden"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Specify the sasl authorization id to use"
msgstr "Geef het SASL-authorisatie-ID op wat gebruikt moet worden"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "Specify the sasl authorization realm to use"
msgstr "Specificeer het te gebruiken sasl autorisatiegebied "
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr "Specificeer de minimale SSF voor LDAP sasl autorisatie"
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Kerberos service keytab"
msgstr "Kerberos service keytab"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Use Kerberos auth for LDAP connection"
msgstr "Gebruik Kerberos authenticatie voor LDAP-connectie"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Follow LDAP referrals"
msgstr "Volg LDAP-doorverwijzingen"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "Lifetime of TGT for LDAP connection"
msgstr "Levensduur van TGT voor LDAP-connectie"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "How to dereference aliases"
msgstr "Hoe moet de alias referentie verwijderd worden"
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "Service name for DNS service lookups"
msgstr "Service naam voor DNS service opzoeken"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
"Het aantal records dat opgehaald moet worden met een enkele LDAP bevraging"
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
"Het aantal leden van moet ontbreken om een volledige de-referentie te "
"veroorzaken"
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
@@ -784,364 +796,364 @@ msgstr ""
"Moet de LDAP bibliotheek omgekeerd opzoeken uitvoeren om de hostnaam te "
"autoriseren tijdens een SASL binding"
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "entryUSN attribute"
msgstr "entryUSN attribuut"
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "lastUSN attribute"
msgstr "lastUSN attribuut"
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
"Hoe lang een verbinding met de LDAP server gebouden moet blijven voordat het "
"losgekoppeld wordt"
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "Disable the LDAP paging control"
msgstr "Het LDAP paging besturingselement uitschakelen"
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Disable Active Directory range retrieval"
msgstr "Zet Active Directory bereik opvragen uit"
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "Length of time to wait for a search request"
msgstr "Tijd om te wachten op een zoekopdracht"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Length of time to wait for a enumeration request"
msgstr "Tijdsduur te wachten voor een opsommingsverzoek"
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Length of time between enumeration updates"
msgstr "Tijd om te wachten tussen enumeratie-updates"
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "Length of time between cache cleanups"
msgstr "Tijdsduur tussen cache opschoningen"
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Require TLS for ID lookups"
msgstr "Vereis TLS voor het opzoeken van ID's"
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr "Gebruik ID-mapping van objectSID gebruiken in plaats van pre-set ID's"
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Base DN for user lookups"
msgstr "Base DN voor het opzoeken van gebruikers"
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Scope of user lookups"
msgstr "Scope voor het opzoeken van gebruikers"
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Filter for user lookups"
msgstr "Filter voor het opzoeken van gebruikers"
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for users"
msgstr "Objectclass voor gebruikers"
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Username attribute"
msgstr "Username-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "UID attribute"
msgstr "UID-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Primary GID attribute"
msgstr "Primair GID-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "GECOS attribute"
msgstr "GECOS-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Home directory attribute"
msgstr "Gebruikersmap-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Shell attribute"
msgstr "Shell-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
#, fuzzy
msgid "UUID attribute"
msgstr "UID-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:282
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "objectSID attribute"
msgstr "objectSID attribuut"
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Active Directory primary group attribute for ID-mapping"
msgstr "Active Directory primaire groep attribuut voor ID-mapping"
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "User principal attribute (for Kerberos)"
msgstr "Userprincipal-attribuut (voor Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Full Name"
msgstr "Volledige naam"
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "memberOf attribute"
msgstr "memberOf-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Modification time attribute"
msgstr "Modification time-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "shadowLastChange attribute"
msgstr "shadowLastChange attribuut"
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "shadowMin attribute"
msgstr "shadowMin attribuut"
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "shadowMax attribute"
msgstr "shadowMax attribuut"
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "shadowWarning attribute"
msgstr "shadowWarning attribuut"
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "shadowInactive attribute"
msgstr "shadowInactive attribuut"
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "shadowExpire attribute"
msgstr "shadowExpire attribuut"
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "shadowFlag attribute"
msgstr "shadowFlag attribuut"
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Attribute listing authorized PAM services"
msgstr "Attribuut voor tonen van geautoriseerde PAM services"
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Attribute listing authorized server hosts"
msgstr "Attribuut dat geautoriseerde server hosts toont"
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "krbLastPwdChange attribute"
msgstr "krbLastPwdChange attribuut"
-#: src/config/SSSDConfig/__init__.py.in:299
+#: src/config/SSSDConfig/__init__.py.in:302
msgid "krbPasswordExpiration attribute"
msgstr "krbPasswordExpiration attribuut"
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Attribute indicating that server side password policies are active"
msgstr "Attribuut welke aangeeft dat wachtwoordtactiek op de server actief is"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "accountExpires attribute of AD"
msgstr "accountExpires attribuut van AD"
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "userAccountControl attribute of AD"
msgstr "userAccountControl attribuut van AD"
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "nsAccountLock attribute"
msgstr "nsAccountLock attribuut"
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "loginDisabled attribute of NDS"
msgstr "loginDisabled attribuut van NDS"
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "loginExpirationTime attribute of NDS"
msgstr "loginExpirationTime attribuut van NDS"
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "loginAllowedTimeMap attribute of NDS"
msgstr "loginAllowedTimeMap attribuut van NDS"
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "SSH public key attribute"
msgstr "SSH publieke sleutel attribuut"
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "A list of extra attributes to download along with the user entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:310
+#: src/config/SSSDConfig/__init__.py.in:313
msgid "Base DN for group lookups"
msgstr "Basis DN voor groep opzoeken"
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Objectclass for groups"
msgstr "Objectklasse voor groepen"
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Group name"
msgstr "Groepsnaam"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Group password"
msgstr "Groep wachtwoord"
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "GID attribute"
msgstr "GID attribuut"
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "Group member attribute"
msgstr "Groep deelnemer attribuut"
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
#, fuzzy
msgid "Group UUID attribute"
msgstr "UID-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Modification time attribute for groups"
msgstr "Verandertijd attribuut voor groepen"
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Type of the group and other flags"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Maximum nesting level SSSd will follow"
msgstr "Maximale nest niveau dat SSSd zal volgen"
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for netgroup lookups"
msgstr "Basis DN voor netgroep opzoeken"
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Objectclass for netgroups"
msgstr "Objectklasse voor netgroepen"
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Netgroup name"
msgstr "Netgroep naam"
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Netgroups members attribute"
msgstr "Netgroep leden attribuut"
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Netgroup triple attribute"
msgstr "Netgroep triple attibuut"
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Modification time attribute for netgroups"
msgstr "Verandertijd attribuut voor netgroepen"
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid "Base DN for service lookups"
msgstr "Basis DN voor service lookups"
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Objectclass for services"
msgstr "Objectclass voor services"
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Service name attribute"
msgstr "Service naam attribuut"
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Service port attribute"
msgstr "Service port attribuut"
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Service protocol attribute"
msgstr "Service protocol attribuut"
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Lower bound for ID-mapping"
msgstr "Ondergrens voor ID-mapping"
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Upper bound for ID-mapping"
msgstr "Bovengrens voor ID-mapping"
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Number of IDs for each slice when ID-mapping"
msgstr "Aantal ID's voor elk segment bij ID-mapping"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr "Gebruik autorid-compatibel algoritme voor ID-mapping"
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Name of the default domain for ID-mapping"
msgstr "Naam van het standaard domein voor ID-mapping"
-#: src/config/SSSDConfig/__init__.py.in:344
+#: src/config/SSSDConfig/__init__.py.in:347
msgid "SID of the default domain for ID-mapping"
msgstr "SID van het standaard domein voor ID-mapping"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr "Gebruik LDAP_MATCHING_RULE_IN_CHAIN voor groep opzoeken"
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr "Gebruik LDAP_MATCHING_RULE_IN_CHAIN voor initgroep opzoeken"
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Whether to use Token-Groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Set lower boundary for allowed IDs from the LDAP server"
msgstr "Laagste grens instellen voor toegestane id's van de LDAP-server"
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Set upper boundary for allowed IDs from the LDAP server"
msgstr "Hoogste grens instellen voor toegestane id's van de LDAP-server"
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "DN for ppolicy queries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Policy to evaluate the password expiration"
msgstr "Policy om wacthwoordverloop mee te evalueren"
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
"Welke attributen worden gebruikt voor evaluatie als het account verlopen is"
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Which rules should be used to evaluate access control"
msgstr ""
"Welke regels moeten gebruikt worden voor de evaluatie van toegangscontrole"
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
"URI van een LDAP server waarop wachtwoord veranderingen toegestaan zijn"
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
"URI van een back-up LDAP server waar wachtwoord veranderingen toegestaan zijn"
-#: src/config/SSSDConfig/__init__.py.in:364
+#: src/config/SSSDConfig/__init__.py.in:367
msgid "DNS service name for LDAP password change server"
msgstr "DNS service naam voor LDAP wachtwoord verander server"
-#: src/config/SSSDConfig/__init__.py.in:365
+#: src/config/SSSDConfig/__init__.py.in:368
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
@@ -1149,23 +1161,23 @@ msgstr ""
"Moet het ldap_user_shadow_last_change attribuut vernieuwd worden na een "
"wachtwoordwijziging"
-#: src/config/SSSDConfig/__init__.py.in:368
+#: src/config/SSSDConfig/__init__.py.in:371
msgid "Base DN for sudo rules lookups"
msgstr "Basis DN voor sudo regels lookups"
-#: src/config/SSSDConfig/__init__.py.in:369
+#: src/config/SSSDConfig/__init__.py.in:372
msgid "Automatic full refresh period"
msgstr "Automatische volledige ververs periode"
-#: src/config/SSSDConfig/__init__.py.in:370
+#: src/config/SSSDConfig/__init__.py.in:373
msgid "Automatic smart refresh period"
msgstr "Automatische slimme ververs periode"
-#: src/config/SSSDConfig/__init__.py.in:371
+#: src/config/SSSDConfig/__init__.py.in:374
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr "Moeten regels gefilterd worden volgens hostnaam, IP adres en netwerk"
-#: src/config/SSSDConfig/__init__.py.in:372
+#: src/config/SSSDConfig/__init__.py.in:375
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
@@ -1173,121 +1185,121 @@ msgstr ""
"Hostnamen en/of volledig gekwalificeerde domeinnamen van deze machine voor "
"het filteren van sudo regels"
-#: src/config/SSSDConfig/__init__.py.in:373
+#: src/config/SSSDConfig/__init__.py.in:376
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
"IPv4 of IPv6 adressen of netwerk van deze machine voor het filteren van sudo "
"regels"
-#: src/config/SSSDConfig/__init__.py.in:374
+#: src/config/SSSDConfig/__init__.py.in:377
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
"Moeten regels toegevoegd worden die netgroep bevatten in host attribuut "
-#: src/config/SSSDConfig/__init__.py.in:375
+#: src/config/SSSDConfig/__init__.py.in:378
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
"Moeten regels toegevoegd worden die regulaire expressie bevatten in host "
"attribuut "
-#: src/config/SSSDConfig/__init__.py.in:376
+#: src/config/SSSDConfig/__init__.py.in:379
msgid "Object class for sudo rules"
msgstr "Objectklasse voor sudo regels"
-#: src/config/SSSDConfig/__init__.py.in:377
+#: src/config/SSSDConfig/__init__.py.in:380
msgid "Sudo rule name"
msgstr "Sudo regelnaam"
-#: src/config/SSSDConfig/__init__.py.in:378
+#: src/config/SSSDConfig/__init__.py.in:381
msgid "Sudo rule command attribute"
msgstr "Sudo regel opdracht attribuut"
-#: src/config/SSSDConfig/__init__.py.in:379
+#: src/config/SSSDConfig/__init__.py.in:382
msgid "Sudo rule host attribute"
msgstr "Sudo regel host attribuut"
-#: src/config/SSSDConfig/__init__.py.in:380
+#: src/config/SSSDConfig/__init__.py.in:383
msgid "Sudo rule user attribute"
msgstr "Sudo regel gebruiker attribuut"
-#: src/config/SSSDConfig/__init__.py.in:381
+#: src/config/SSSDConfig/__init__.py.in:384
msgid "Sudo rule option attribute"
msgstr "Sudo regel optie attribuut"
-#: src/config/SSSDConfig/__init__.py.in:382
+#: src/config/SSSDConfig/__init__.py.in:385
msgid "Sudo rule runas attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:383
+#: src/config/SSSDConfig/__init__.py.in:386
msgid "Sudo rule runasuser attribute"
msgstr "Sudo regel runasuser attribuut"
-#: src/config/SSSDConfig/__init__.py.in:384
+#: src/config/SSSDConfig/__init__.py.in:387
msgid "Sudo rule runasgroup attribute"
msgstr "Sudo regel runasgroup attribuut"
-#: src/config/SSSDConfig/__init__.py.in:385
+#: src/config/SSSDConfig/__init__.py.in:388
msgid "Sudo rule notbefore attribute"
msgstr "Sudo regel notbefore attribuut"
-#: src/config/SSSDConfig/__init__.py.in:386
+#: src/config/SSSDConfig/__init__.py.in:389
msgid "Sudo rule notafter attribute"
msgstr "Sudo regel notafter attribuut"
-#: src/config/SSSDConfig/__init__.py.in:387
+#: src/config/SSSDConfig/__init__.py.in:390
msgid "Sudo rule order attribute"
msgstr "Sudo regel volgorde attribuut"
-#: src/config/SSSDConfig/__init__.py.in:390
+#: src/config/SSSDConfig/__init__.py.in:393
msgid "Object class for automounter maps"
msgstr "Object class voor automounter maps"
-#: src/config/SSSDConfig/__init__.py.in:391
+#: src/config/SSSDConfig/__init__.py.in:394
msgid "Automounter map name attribute"
msgstr "Automounter map naam attribuut"
-#: src/config/SSSDConfig/__init__.py.in:392
+#: src/config/SSSDConfig/__init__.py.in:395
msgid "Object class for automounter map entries"
msgstr "Objectklasse voor automounter map ingaven"
-#: src/config/SSSDConfig/__init__.py.in:393
+#: src/config/SSSDConfig/__init__.py.in:396
msgid "Automounter map entry key attribute"
msgstr "Automounter map sleutel ingave attribuut"
-#: src/config/SSSDConfig/__init__.py.in:394
+#: src/config/SSSDConfig/__init__.py.in:397
msgid "Automounter map entry value attribute"
msgstr "Automounter map ingavewaarde attribuut"
-#: src/config/SSSDConfig/__init__.py.in:395
+#: src/config/SSSDConfig/__init__.py.in:398
msgid "Base DN for automounter map lookups"
msgstr "Basis DN voor automounter kaart opzoeken"
-#: src/config/SSSDConfig/__init__.py.in:398
+#: src/config/SSSDConfig/__init__.py.in:401
msgid "Comma separated list of allowed users"
msgstr "Kommagescheiden lijst van toegestane gebruikers"
-#: src/config/SSSDConfig/__init__.py.in:399
+#: src/config/SSSDConfig/__init__.py.in:402
msgid "Comma separated list of prohibited users"
msgstr "Kommagescheiden lijst van geweigerde gebruikers"
-#: src/config/SSSDConfig/__init__.py.in:402
+#: src/config/SSSDConfig/__init__.py.in:405
msgid "Default shell, /bin/bash"
msgstr "Standaard shell, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:403
+#: src/config/SSSDConfig/__init__.py.in:406
msgid "Base for home directories"
msgstr "Basis voor gebruikersmappen"
-#: src/config/SSSDConfig/__init__.py.in:406
+#: src/config/SSSDConfig/__init__.py.in:409
msgid "The name of the NSS library to use"
msgstr "De naam van de NSS-bibliotheek die gebruikt wordt"
-#: src/config/SSSDConfig/__init__.py.in:407
+#: src/config/SSSDConfig/__init__.py.in:410
msgid "Whether to look up canonical group name from cache if possible"
msgstr "Moet indien mogelijk canonieke groepsnaam in cache opgezocht worden "
-#: src/config/SSSDConfig/__init__.py.in:410
+#: src/config/SSSDConfig/__init__.py.in:413
msgid "PAM stack to use"
msgstr "PAM-stack die gebruikt wordt"
@@ -1307,26 +1319,26 @@ msgstr "Geef een niet-standaard configuratiebestand op"
msgid "Print version number and exit"
msgstr "Print versie nummer en sluit af"
-#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:589
+#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:609
#: src/util/util.h:108
msgid "Debug level"
msgstr "Debug niveau"
-#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:591
+#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:611
#: src/util/util.h:114
msgid "Add debug timestamps"
msgstr "Voeg tijdstempels toe aan debugberichten"
-#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:593
+#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:613
#: src/util/util.h:116
msgid "Show timestamps with microseconds"
msgstr "Toon tijdstempel met microseconden"
-#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:595
+#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:615
msgid "An open file descriptor for the debug logs"
msgstr "Een geopend bestand voor de debug logs"
-#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:597
+#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:617
#: src/util/util.h:112
msgid "Send the debug output to stderr directly."
msgstr ""
@@ -1339,101 +1351,106 @@ msgstr ""
msgid "The group to create FAST ccache as"
msgstr ""
-#: src/providers/data_provider_be.c:2833
+#: src/providers/data_provider_be.c:2834
msgid "Domain of the information provider (mandatory)"
msgstr "Domein voor de informatie provider (verplicht)"
-#: src/sss_client/common.c:969
+#: src/sss_client/common.c:971
msgid "Privileged socket has wrong ownership or permissions."
msgstr "Socket met privileges heeft verkeerde rechten of eigendom."
-#: src/sss_client/common.c:972
+#: src/sss_client/common.c:974
msgid "Public socket has wrong ownership or permissions."
msgstr "Publiek socket heeft verkeerde rechten of eigendom."
-#: src/sss_client/common.c:975
+#: src/sss_client/common.c:977
msgid "Unexpected format of the server credential message."
msgstr "Onverwacht formaat van het inloggegevensbericht van de server."
-#: src/sss_client/common.c:978
+#: src/sss_client/common.c:980
msgid "SSSD is not run by root."
msgstr "SSSD wordt niet door root gestart."
-#: src/sss_client/common.c:983
+#: src/sss_client/common.c:985
msgid "An error occurred, but no description can be found."
msgstr ""
"Er is een fout opgetreden, maar er kan geen omschrijving gevonden worden."
-#: src/sss_client/common.c:989
+#: src/sss_client/common.c:991
msgid "Unexpected error while looking for an error description"
msgstr "Onverwachtte fout bij het opzoeken van een omschrijving"
-#: src/sss_client/pam_sss.c:398
+#: src/sss_client/pam_sss.c:63
+msgid "Permission denied. "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:64 src/sss_client/pam_sss.c:883
+#: src/sss_client/pam_sss.c:894
+msgid "Server message: "
+msgstr "Serverbericht:"
+
+#: src/sss_client/pam_sss.c:401
msgid "Passwords do not match"
msgstr "Wachtwoorden komen niet overeen"
-#: src/sss_client/pam_sss.c:586
+#: src/sss_client/pam_sss.c:589
msgid "Password reset by root is not supported."
msgstr "Wachtwoorden als root wijzigen wordt niet ondersteund."
-#: src/sss_client/pam_sss.c:627
+#: src/sss_client/pam_sss.c:630
msgid "Authenticated with cached credentials"
msgstr "Geauthenticeerd met gecachte inloggegevens."
-#: src/sss_client/pam_sss.c:628
+#: src/sss_client/pam_sss.c:631
msgid ", your cached password will expire at: "
msgstr ", uw wachtwoord verloopt op:"
-#: src/sss_client/pam_sss.c:658
+#: src/sss_client/pam_sss.c:661
#, c-format
msgid "Your password has expired. You have %1$d grace login(s) remaining."
msgstr ""
"Je wachtwoord is verlopen. Je hebt nog slechts %1$d login(s) beschikbaar."
-#: src/sss_client/pam_sss.c:704
+#: src/sss_client/pam_sss.c:707
#, c-format
msgid "Your password will expire in %1$d %2$s."
msgstr "Je wachtwoord zal verlopen in %1$d %2$s."
-#: src/sss_client/pam_sss.c:753
+#: src/sss_client/pam_sss.c:756
msgid "Authentication is denied until: "
msgstr "Inloggen wordt geweigerd tot:"
-#: src/sss_client/pam_sss.c:774
+#: src/sss_client/pam_sss.c:777
msgid "System is offline, password change not possible"
msgstr "Systeem is offline, wachtwoord wijzigen niet mogelijk"
-#: src/sss_client/pam_sss.c:789
+#: src/sss_client/pam_sss.c:792
msgid ""
"After changing the OTP password, you need to log out and back in order to "
"acquire a ticket"
msgstr ""
-#: src/sss_client/pam_sss.c:820 src/sss_client/pam_sss.c:833
+#: src/sss_client/pam_sss.c:880 src/sss_client/pam_sss.c:893
msgid "Password change failed. "
msgstr "Wijzigen van wachtwoord mislukt."
-#: src/sss_client/pam_sss.c:823 src/sss_client/pam_sss.c:834
-msgid "Server message: "
-msgstr "Serverbericht:"
-
-#: src/sss_client/pam_sss.c:1274
+#: src/sss_client/pam_sss.c:1336
msgid "New Password: "
msgstr "Nieuw Wachtwoord: "
-#: src/sss_client/pam_sss.c:1275
+#: src/sss_client/pam_sss.c:1337
msgid "Reenter new Password: "
msgstr "Voer nieuw wachtwoord nogmaals in: "
-#: src/sss_client/pam_sss.c:1374
+#: src/sss_client/pam_sss.c:1436
msgid "Password: "
msgstr "Wachtwoord: "
-#: src/sss_client/pam_sss.c:1406
+#: src/sss_client/pam_sss.c:1468
msgid "Current Password: "
msgstr "Huidig wachtwoord:"
-#: src/sss_client/pam_sss.c:1582
+#: src/sss_client/pam_sss.c:1644
msgid "Password expired. Change your password now."
msgstr "Wachtwoord verlopen. Verander nu uw wachtwoord."
diff --git a/po/pl.po b/po/pl.po
index 52516bc54..9f74c26f8 100644
--- a/po/pl.po
+++ b/po/pl.po
@@ -10,7 +10,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2015-02-18 16:53+0100\n"
+"POT-Creation-Date: 2015-06-12 10:37+0200\n"
"PO-Revision-Date: 2015-01-31 11:35-0500\n"
"Last-Translator: Piotr Drąg <piotrdrag@gmail.com>\n"
"Language-Team: Polish (http://www.transifex.com/projects/p/sssd/language/"
@@ -21,7 +21,7 @@ msgstr ""
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=3; plural=(n==1 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 "
"|| n%100>=20) ? 1 : 2);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#: src/config/SSSDConfig/__init__.py.in:43
msgid "Set the verbosity of the debug logging"
@@ -113,7 +113,7 @@ msgid "Entry cache background update timeout length (seconds)"
msgstr "Czas oczekiwania aktualizacji tła pamięci podręcznej wpisów (sekundy)"
#: src/config/SSSDConfig/__init__.py.in:67
-#: src/config/SSSDConfig/__init__.py.in:96
+#: src/config/SSSDConfig/__init__.py.in:97
msgid "Negative cache timeout length (seconds)"
msgstr "Ujemny czas oczekiwania pamięci podręcznej (sekundy)"
@@ -218,314 +218,322 @@ msgstr "Lista zaufanych UID lub nazw użytkowników"
msgid "List of domains accessible even for untrusted users."
msgstr "Lista domen dostępnych także dla niezaufanych użytkowników."
-#: src/config/SSSDConfig/__init__.py.in:93
+#: src/config/SSSDConfig/__init__.py.in:91
+msgid "Message printed when user account is expired."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:94
msgid "Whether to evaluate the time-based attributes in sudo rules"
msgstr "Określa, czy szacować atrybuty oparte na czasie w regułach sudo"
-#: src/config/SSSDConfig/__init__.py.in:99
+#: src/config/SSSDConfig/__init__.py.in:100
msgid "Whether to hash host names and addresses in the known_hosts file"
msgstr "Określa, czy mieszać nazwy komputerów i adresy w pliku known_hosts"
-#: src/config/SSSDConfig/__init__.py.in:100
+#: src/config/SSSDConfig/__init__.py.in:101
msgid ""
"How many seconds to keep a host in the known_hosts file after its host keys "
"were requested"
msgstr ""
"Ile sekund przechowywać komputer w pliku known_hosts po zażądaniu jego kluczy"
-#: src/config/SSSDConfig/__init__.py.in:103
+#: src/config/SSSDConfig/__init__.py.in:104
msgid "List of UIDs or user names allowed to access the PAC responder"
msgstr ""
"Lista UID lub nazw użytkowników mających dostęp do programu odpowiadającego "
"PAC"
-#: src/config/SSSDConfig/__init__.py.in:106
+#: src/config/SSSDConfig/__init__.py.in:107
msgid "List of UIDs or user names allowed to access the InfoPipe responder"
msgstr ""
"Lista UID lub nazw użytkowników mających dostęp do programu odpowiadającego "
"InfoPipe"
-#: src/config/SSSDConfig/__init__.py.in:107
+#: src/config/SSSDConfig/__init__.py.in:108
msgid "List of user attributes the InfoPipe is allowed to publish"
msgstr "Lista atrybutów użytkownika, które InfoPipe może publikować"
-#: src/config/SSSDConfig/__init__.py.in:110
+#: src/config/SSSDConfig/__init__.py.in:111
msgid "Identity provider"
msgstr "Dostawca tożsamości"
-#: src/config/SSSDConfig/__init__.py.in:111
+#: src/config/SSSDConfig/__init__.py.in:112
msgid "Authentication provider"
msgstr "Dostawca uwierzytelniania"
-#: src/config/SSSDConfig/__init__.py.in:112
+#: src/config/SSSDConfig/__init__.py.in:113
msgid "Access control provider"
msgstr "Dostawca kontroli dostępu"
-#: src/config/SSSDConfig/__init__.py.in:113
+#: src/config/SSSDConfig/__init__.py.in:114
msgid "Password change provider"
msgstr "Dostawca zmiany hasła"
-#: src/config/SSSDConfig/__init__.py.in:114
+#: src/config/SSSDConfig/__init__.py.in:115
msgid "SUDO provider"
msgstr "Dostawca SUDO"
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid "Autofs provider"
msgstr "Dostawca Autofs"
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "Session-loading provider"
msgstr "Dostawca wczytywania sesji"
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "Host identity provider"
msgstr "Dostawca tożsamości komputera"
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Minimum user ID"
msgstr "Minimalny identyfikator użytkownika"
-#: src/config/SSSDConfig/__init__.py.in:121
+#: src/config/SSSDConfig/__init__.py.in:122
msgid "Maximum user ID"
msgstr "Maksymalny identyfikator użytkownika"
-#: src/config/SSSDConfig/__init__.py.in:122
+#: src/config/SSSDConfig/__init__.py.in:123
msgid "Enable enumerating all users/groups"
msgstr "Włącza wyliczanie wszystkich użytkowników/grup"
-#: src/config/SSSDConfig/__init__.py.in:123
+#: src/config/SSSDConfig/__init__.py.in:124
msgid "Cache credentials for offline login"
msgstr "Dane uwierzytelniające pamięci podręcznej dla logowań w trybie offline"
-#: src/config/SSSDConfig/__init__.py.in:124
+#: src/config/SSSDConfig/__init__.py.in:125
msgid "Store password hashes"
msgstr "Przechowuje mieszanie haseł"
-#: src/config/SSSDConfig/__init__.py.in:125
+#: src/config/SSSDConfig/__init__.py.in:126
msgid "Display users/groups in fully-qualified form"
msgstr "Wyświetla użytkowników/grupy w pełnej formie"
-#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Don't include group members in group lookups"
msgstr "Bez dołączania członków grup w wyszukiwaniach grup"
-#: src/config/SSSDConfig/__init__.py.in:127
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:128
#: src/config/SSSDConfig/__init__.py.in:135
#: src/config/SSSDConfig/__init__.py.in:136
#: src/config/SSSDConfig/__init__.py.in:137
#: src/config/SSSDConfig/__init__.py.in:138
#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Entry cache timeout length (seconds)"
msgstr "Czas oczekiwania pamięci podręcznej wpisów (sekundy)"
-#: src/config/SSSDConfig/__init__.py.in:128
+#: src/config/SSSDConfig/__init__.py.in:129
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
"Ogranicza lub preferuje podaną rodzinę adresów podczas wykonywania "
"wyszukiwań DNS"
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
"Jak długo utrzymywać wpisy logowania w pamięci podręcznej po ostatnim udanym "
"zalogowaniu (dni)"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
"Jak długo czekać na odpowiedzi od serwera DNS podczas rozwiązywania serwerów "
"(sekundy)"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "The domain part of service discovery DNS query"
msgstr "Część domeny zapytania DNS wykrywania usługi"
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Override GID value from the identity provider with this value"
msgstr "Zastępuje wartość GID z dostawcy tożsamości tą wartością"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Treat usernames as case sensitive"
msgstr "Rozróżnianie wielkości liter w nazwach użytkowników"
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "How often should expired entries be refreshed in background"
msgstr "Jak często odświeżać w tle wygasłe wpisy"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry"
msgstr "Czy automatycznie aktualizować wpis DNS klienta"
-#: src/config/SSSDConfig/__init__.py.in:142
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:143
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr "TTL do zastosowania do wpisu DNS klienta po jego zaktualizowaniu"
-#: src/config/SSSDConfig/__init__.py.in:143
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
"Interfejs, którego adres IP powinien być używany do dynamicznych "
"aktualizacji DNS"
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "How often to periodically update the client's DNS entry"
msgstr "Jak często okresowo aktualizować wpis DNS klienta"
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr "Określa, czy dostawca powinien aktualizować także wpis PTR"
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Whether the nsupdate utility should default to using TCP"
msgstr "Określa, czy narzędzie nsupdate powinno domyślnie używać portu TCP"
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
"Jakiego rodzaju uwierzytelnianie powinno być używane do wykonywania "
"aktualizacji DNS"
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Control enumeration of trusted domains"
msgstr "Kontrola wyliczania zaufanych domen"
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "How often should subdomains list be refreshed"
msgstr "Jak często odświeżać listę poddomen"
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:151
+msgid "List of options that should be inherited into a subdomain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "IPA domain"
msgstr "Domena IPA"
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "IPA server address"
msgstr "Adres serwera IPA"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Address of backup IPA server"
msgstr "Adres zapasowego serwera IPA"
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "IPA client hostname"
msgstr "Nazwa komputera klienta IPA"
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
"Czy automatycznie aktualizować wpis DNS klienta w oprogramowaniu FreeIPA"
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Search base for HBAC related objects"
msgstr "Podstawa wyszukiwania pod kątem obiektów związanych z HBAC"
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:162
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr "Czas między wyszukiwaniami reguł HBAC w serwerze IPA"
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:163
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr "Czas w sekundach między wyszukiwaniami map SELinuksa w serwerze IPA"
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr "Jeśli reguły DENY są dostępne, to DENY_ALL lub IGNORE"
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
"Jeśli ustawiono na fałsz, to parametr komputera podany przez PAM zostanie "
"zignorowany"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "The automounter location this IPA client is using"
msgstr "Położenie automountera, którego używa ten klient IPA"
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Search base for object containing info about IPA domain"
msgstr ""
"Podstawa wyszukiwania dla obiektów zawierających informacje o domenie IPA"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Search base for objects containing info about ID ranges"
msgstr ""
"Podstawa wyszukiwania dla obiektów zawierających informacje o zakresach "
"identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:167
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "Enable DNS sites - location based service discovery"
msgstr "Włącza witryny DNS - wykrywanie usług w oparciu o położenie"
-#: src/config/SSSDConfig/__init__.py.in:168
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Search base for view containers"
msgstr "Podstawa wyszukiwania dla widoku kontenerów"
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Objectclass for view containers"
msgstr "Klasa obiektu dla widoku kontenerów"
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Attribute with the name of the view"
msgstr "Atrybut z nazwą widoku"
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Objectclass for override objects"
msgstr "Klasa obiektu dla obiektów zastępowania"
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Attribute with the reference to the original object"
msgstr "Atrybut z odniesieniem do pierwotnego obiektu"
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Objectclass for user override objects"
msgstr "Klasa obiektu dla obiektów zastępowania użytkownika"
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Objectclass for group override objects"
msgstr "Klasa obiektów dla obiektów zastępowania grup"
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Active Directory domain"
msgstr "Domena Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Active Directory server address"
msgstr "Adres serwera Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Active Directory backup server address"
msgstr "Adres zapasowego serwera Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Active Directory client hostname"
msgstr "Nazwa komputera klienta Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:182
-#: src/config/SSSDConfig/__init__.py.in:357
+#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:360
msgid "LDAP filter to determine access privileges"
msgstr "Filtr LDAP do określenia uprawnień dostępu"
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Whether to use the Global Catalog for lookups"
msgstr "Czy używać Global Catalog do wyszukiwań"
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Operation mode for GPO-based access control"
msgstr "Tryb działania dla kontroli dostępu opartej na GPO"
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:187
msgid ""
"The amount of time between lookups of the GPO policy files against the AD "
"server"
msgstr "Czas między wyszukiwaniami plików polityki GPO w serwerze AD"
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:188
msgid ""
"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy "
"settings"
@@ -533,7 +541,7 @@ msgstr ""
"Nazwy usług PAM mapujących do ustawień polityki GPO "
"(Deny)InteractiveLogonRight"
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid ""
"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight "
"policy settings"
@@ -541,245 +549,249 @@ msgstr ""
"Nazwy usług PAM mapujących do ustawień polityki GPO "
"(Deny)RemoteInteractiveLogonRight"
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid ""
"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings"
msgstr ""
"Nazwy usług PAM mapujących do ustawień polityki GPO (Deny)NetworkLogonRight"
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid ""
"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings"
msgstr ""
"Nazwy usług PAM mapujących do ustawień polityki GPO (Deny)BatchLogonRight"
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid ""
"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings"
msgstr ""
"Nazwy usług PAM mapujących do ustawień polityki GPO (Deny)ServiceLogonRight"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "PAM service names for which GPO-based access is always granted"
msgstr ""
"Nazwy usług PAM, dla których zawsze udzielany jest dostęp oparty na GPO"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "PAM service names for which GPO-based access is always denied"
msgstr ""
"Nazwy usług PAM, dla których zawsze odmawiany jest dostęp oparty na GPO"
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid ""
"Default logon right (or permit/deny) to use for unmapped PAM service names"
msgstr ""
"Domyślne uprawnienie logowania (lub zezwolenie/odmowa) do użycia dla "
"niemapowanych nazw usług PAM"
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "a particular site to be used by the client"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Kerberos server address"
msgstr "Adres serwera Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Kerberos backup server address"
msgstr "Adres zapasowego serwera Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "Kerberos realm"
msgstr "Obszar Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Authentication timeout"
msgstr "Czas oczekiwania na uwierzytelnienie"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "Whether to create kdcinfo files"
msgstr "Określa, czy tworzyć pliki kdcinfo"
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Where to drop krb5 config snippets"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Directory to store credential caches"
msgstr ""
"Katalog do przechowywania pamięci podręcznych danych uwierzytelniających"
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Location of the user's credential cache"
msgstr "Położenie pamięci podręcznej danych uwierzytelniających użytkownika"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Location of the keytab to validate credentials"
msgstr "Położenie tablicy kluczy do sprawdzania danych uwierzytelniających"
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Enable credential validation"
msgstr "Włącza sprawdzanie danych uwierzytelniających"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Store password if offline for later online authentication"
msgstr ""
"Przechowuje hasło, jeśli w trybie offline do późniejszego uwierzytelnienia w "
"trybie online"
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Renewable lifetime of the TGT"
msgstr "Odnawialny czas trwania TGT"
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "Lifetime of the TGT"
msgstr "Czas trwania TGT"
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Time between two checks for renewal"
msgstr "Czas między dwoma sprawdzaniami odnowy"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Enables FAST"
msgstr "Włącza FAST"
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Selects the principal to use for FAST"
msgstr "Wybiera naczelnika do użycia dla FAST"
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Enables principal canonicalization"
msgstr "Włącza ujednolicanie naczelnika"
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Enables enterprise principals"
msgstr "Włącza naczelników enterprise"
#: src/config/SSSDConfig/__init__.py.in:220
-#: src/config/SSSDConfig/__init__.py.in:221
+msgid "A mapping from user names to kerberos principal names"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"Serwer, w którym jest uruchomiona usługa zmiany haseł, jeśli nie znajduje "
"się w KDC"
-#: src/config/SSSDConfig/__init__.py.in:224
+#: src/config/SSSDConfig/__init__.py.in:227
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, adres URI serwera LDAP"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr "ldap_backup_uri, adres URI serwera LDAP"
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "The default base DN"
msgstr "Domyślna podstawowa DN"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Typ Schema do użycia na serwerze LDAP, RFC2307"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "The default bind DN"
msgstr "Domyślne DN dowiązania"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "The type of the authentication token of the default bind DN"
msgstr "Typ tokenu uwierzytelniania domyślnego DN dowiązania"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "The authentication token of the default bind DN"
msgstr "Token uwierzytelniania domyślnego DN dowiązania"
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Length of time to attempt connection"
msgstr "Czas do próby połączenia"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Czas do próby synchronicznych działań LDAP"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Length of time between attempts to reconnect while offline"
msgstr "Czas między próbami ponownego połączenia w trybie offline"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Use only the upper case for realm names"
msgstr "Użycie tylko małych znaków w nazwach obszarów"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "File that contains CA certificates"
msgstr "Plik zawierający certyfikaty CA"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Path to CA certificate directory"
msgstr "Ścieżka do katalogu certyfikatów CA"
-#: src/config/SSSDConfig/__init__.py.in:237
+#: src/config/SSSDConfig/__init__.py.in:240
msgid "File that contains the client certificate"
msgstr "Plik zawierający certyfikat klienta"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "File that contains the client key"
msgstr "Plik zawierający klucz klienta"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "List of possible ciphers suites"
msgstr "Lista możliwych zestawów szyfrów"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "Require TLS certificate verification"
msgstr "Wymaga sprawdzenia certyfikatu TLS"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Specify the sasl mechanism to use"
msgstr "Podaje używany mechanizm SASL"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Specify the sasl authorization id to use"
msgstr "Podaje używany identyfikator upoważnienia SASL"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "Specify the sasl authorization realm to use"
msgstr "Podaje obszar upoważnienia SASL do użycia"
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr "Podaje minimalne SSF dla upoważnienia sasl LDAP"
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Kerberos service keytab"
msgstr "Tablica kluczy usługi Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Use Kerberos auth for LDAP connection"
msgstr "Używa uwierzytelniania Kerberos dla połączenia LDAP"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Follow LDAP referrals"
msgstr "Podąża za odsyłaniami LDAP"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "Lifetime of TGT for LDAP connection"
msgstr "Czas trwania TGT dla połączenia LDAP"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "How to dereference aliases"
msgstr "Jak wskazywać aliasy"
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "Service name for DNS service lookups"
msgstr "Nazwa usługi do wyszukiwań usługi DNS"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "The number of records to retrieve in a single LDAP query"
msgstr "Liczba wpisów do pobrania w jednym zapytaniu LDAP"
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "The number of members that must be missing to trigger a full deref"
msgstr "Suma liczb, których musi brakować, aby wywołać pełne \"deref\""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
@@ -787,361 +799,361 @@ msgstr ""
"Określa, czy biblioteka LDAP powinna wykonywać odwrotne wyszukanie, aby "
"ujednolicić nazwę komputera podczas dowiązania SASL"
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "entryUSN attribute"
msgstr "Atrybut entryUSN"
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "lastUSN attribute"
msgstr "Atrybut lastUSN"
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr "Jak długo utrzymywać połączenie z serwerem LDAP przed rozłączeniem"
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "Disable the LDAP paging control"
msgstr "Wyłącza kontrolę stronicowania LDAP"
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Disable Active Directory range retrieval"
msgstr "Wyłącza pobieranie zakresu Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "Length of time to wait for a search request"
msgstr "Czas oczekiwania na żądanie wyszukiwania"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Length of time to wait for a enumeration request"
msgstr "Czas oczekiwania na żądanie wyliczenia"
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Length of time between enumeration updates"
msgstr "Czas między aktualizacjami wyliczania"
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "Length of time between cache cleanups"
msgstr "Czas między czyszczeniem pamięci podręcznej"
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Require TLS for ID lookups"
msgstr "Wymaga TLS dla wyszukiwania identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
"Używa mapowania identyfikatorów objectSID zamiast uprzednio ustawionych "
"identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Base DN for user lookups"
msgstr "Podstawowe DN dla wyszukiwania użytkowników"
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Scope of user lookups"
msgstr "Zakres wyszukiwania użytkowników"
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Filter for user lookups"
msgstr "Filtruje wyszukiwania użytkowników"
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for users"
msgstr "Klasa obiektów dla użytkowników"
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Username attribute"
msgstr "Atrybut nazwy użytkownika"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "UID attribute"
msgstr "Atrybut UID"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Primary GID attribute"
msgstr "Pierwszy atrybut GID"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "GECOS attribute"
msgstr "Atrybut GECOS"
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Home directory attribute"
msgstr "Atrybut katalogu domowego"
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Shell attribute"
msgstr "Atrybut powłoki"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
#, fuzzy
msgid "UUID attribute"
msgstr "Atrybut UID"
-#: src/config/SSSDConfig/__init__.py.in:282
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "objectSID attribute"
msgstr "Atrybut objectSID"
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Active Directory primary group attribute for ID-mapping"
msgstr "Atrybut głównej grupy Active Directory dla mapowania identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "User principal attribute (for Kerberos)"
msgstr "Atrybut głównego użytkownika (dla Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Full Name"
msgstr "Imię i nazwisko"
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "memberOf attribute"
msgstr "Atrybut memberOf"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Modification time attribute"
msgstr "Atrybut czasu modyfikacji"
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "shadowLastChange attribute"
msgstr "Atrybut shadowLastChange"
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "shadowMin attribute"
msgstr "Atrybut shadowMin"
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "shadowMax attribute"
msgstr "Atrybut shadowMax"
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "shadowWarning attribute"
msgstr "Atrybut shadowWarning"
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "shadowInactive attribute"
msgstr "Atrybut shadowInactive"
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "shadowExpire attribute"
msgstr "Atrybut shadowExpire"
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "shadowFlag attribute"
msgstr "Atrybut shadowFlag"
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Attribute listing authorized PAM services"
msgstr "Atrybut zawierający listę upoważnionych usług PAM"
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Attribute listing authorized server hosts"
msgstr "Atrybut zawierający listę upoważnionych komputerów serwerowych"
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "krbLastPwdChange attribute"
msgstr "Atrybut krbLastPwdChange"
-#: src/config/SSSDConfig/__init__.py.in:299
+#: src/config/SSSDConfig/__init__.py.in:302
msgid "krbPasswordExpiration attribute"
msgstr "Atrybut krbPasswordExpiration"
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Attribute indicating that server side password policies are active"
msgstr "Atrybut wskazujący, czy polityki haseł po stronie serwera są aktywne"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "accountExpires attribute of AD"
msgstr "Atrybut accountExpires AD"
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "userAccountControl attribute of AD"
msgstr "Atrybut userAccountControl AD"
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "nsAccountLock attribute"
msgstr "Atrybut nsAccountLock"
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "loginDisabled attribute of NDS"
msgstr "Atrybut loginDisabled NDS"
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "loginExpirationTime attribute of NDS"
msgstr "Atrybut loginExpirationTime NDS"
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "loginAllowedTimeMap attribute of NDS"
msgstr "Atrybut loginAllowedTimeMap NDS"
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "SSH public key attribute"
msgstr "Atrybut klucza publicznego SSH"
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "A list of extra attributes to download along with the user entry"
msgstr "Lista dodatkowych atrybutów do pobrania razem z wpisem użytkownika"
-#: src/config/SSSDConfig/__init__.py.in:310
+#: src/config/SSSDConfig/__init__.py.in:313
msgid "Base DN for group lookups"
msgstr "Podstawowe DN dla wyszukiwania grup"
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Objectclass for groups"
msgstr "Klasa obiektów dla grup"
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Group name"
msgstr "Nazwa grupy"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Group password"
msgstr "Hasło grupy"
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "GID attribute"
msgstr "Atrybut GID"
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "Group member attribute"
msgstr "Atrybut elementu grupy"
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
#, fuzzy
msgid "Group UUID attribute"
msgstr "Atrybut UID"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Modification time attribute for groups"
msgstr "Atrybut czasu modyfikacji grup"
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Type of the group and other flags"
msgstr "Typ grupy i inne flagi"
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Maximum nesting level SSSd will follow"
msgstr "Maksymalny poziom zagnieżdżenia, jaki usługa SSSD będzie używała"
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for netgroup lookups"
msgstr "Podstawowe DN dla wyszukiwania grupy sieciowej"
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Objectclass for netgroups"
msgstr "Klasa obiektów dla grup sieciowych"
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Netgroup name"
msgstr "Nazwa grupy sieciowej"
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Netgroups members attribute"
msgstr "Atrybut elementów grupy sieciowej"
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Netgroup triple attribute"
msgstr "Potrójny atrybut grupy sieciowej"
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Modification time attribute for netgroups"
msgstr "Atrybut czasu modyfikacji grup sieciowych"
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid "Base DN for service lookups"
msgstr "Podstawowe DN do wyszukiwania usług"
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Objectclass for services"
msgstr "Klasa obiektów dla usług"
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Service name attribute"
msgstr "Atrybut nazwy usługi"
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Service port attribute"
msgstr "Atrybut portu usługi"
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Service protocol attribute"
msgstr "Atrybut protokołu usługi"
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Lower bound for ID-mapping"
msgstr "Niższa granica dla mapowania identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Upper bound for ID-mapping"
msgstr "Wyższa granica dla mapowania identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
"Liczba identyfikatorów dla każdego kawałka podczas mapowania identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr "Używa algorytmu zgodnego z autorid do mapowania identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Name of the default domain for ID-mapping"
msgstr "Nazwa domyślnej domeny dla mapowania identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:344
+#: src/config/SSSDConfig/__init__.py.in:347
msgid "SID of the default domain for ID-mapping"
msgstr "SID domyślnej domeny dla mapowania identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr "Użycie LDAP_MATCHING_RULE_IN_CHAIN do wyszukiwania grup"
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr "Użycie LDAP_MATCHING_RULE_IN_CHAIN do wyszukiwania grup inicjacyjnych"
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Whether to use Token-Groups"
msgstr "Czy używać Token-Groups"
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Set lower boundary for allowed IDs from the LDAP server"
msgstr "Ustawia dolną granicę dla dozwolonych identyfikatorów z serwera LDAP"
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Set upper boundary for allowed IDs from the LDAP server"
msgstr "Ustawia górną granicę dla dozwolonych identyfikatorów z serwera LDAP"
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "DN for ppolicy queries"
msgstr "DN dla zapytań polityki"
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Policy to evaluate the password expiration"
msgstr "Polityka do oszacowania wygaszenia hasła"
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr "Które atrybuty powinny być używane do sprawdzenia, czy konto wygasło"
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Which rules should be used to evaluate access control"
msgstr "Które reguły powinny być używane do sprawdzania kontroli dostępu"
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "URI of an LDAP server where password changes are allowed"
msgstr "Adres URI serwera LDAP, gdzie zmiany hasła są dozwolone"
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr "Adres URI zapasowego serwera LDAP, gdzie zmiany hasła są dozwolone"
-#: src/config/SSSDConfig/__init__.py.in:364
+#: src/config/SSSDConfig/__init__.py.in:367
msgid "DNS service name for LDAP password change server"
msgstr "Nazwa usługi DNS serwera zmiany hasła LDAP"
-#: src/config/SSSDConfig/__init__.py.in:365
+#: src/config/SSSDConfig/__init__.py.in:368
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
@@ -1149,24 +1161,24 @@ msgstr ""
"Określa, czy zaktualizować atrybut ldap_user_shadow_last_change po zmianie "
"hasła"
-#: src/config/SSSDConfig/__init__.py.in:368
+#: src/config/SSSDConfig/__init__.py.in:371
msgid "Base DN for sudo rules lookups"
msgstr "Podstawowe DN dla wyszukiwań reguł sudo"
-#: src/config/SSSDConfig/__init__.py.in:369
+#: src/config/SSSDConfig/__init__.py.in:372
msgid "Automatic full refresh period"
msgstr "Okres między automatycznymi pełnymi odświeżeniami"
-#: src/config/SSSDConfig/__init__.py.in:370
+#: src/config/SSSDConfig/__init__.py.in:373
msgid "Automatic smart refresh period"
msgstr "Okres między automatycznymi inteligentnymi odświeżeniami"
-#: src/config/SSSDConfig/__init__.py.in:371
+#: src/config/SSSDConfig/__init__.py.in:374
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
"Określa, czy filtrować reguły według nazwy komputera, adresów IP i sieci"
-#: src/config/SSSDConfig/__init__.py.in:372
+#: src/config/SSSDConfig/__init__.py.in:375
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
@@ -1174,122 +1186,122 @@ msgstr ""
"Nazwy komputerów i/lub pełne kwalifikowane nazwy domen tego komputera do "
"filtrowania reguł sudo"
-#: src/config/SSSDConfig/__init__.py.in:373
+#: src/config/SSSDConfig/__init__.py.in:376
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
"Adresy lub sieci IPv4 lub IPv6 tego komputera do filtrowania reguł sudo"
-#: src/config/SSSDConfig/__init__.py.in:374
+#: src/config/SSSDConfig/__init__.py.in:377
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
"Określa, czy zawierać reguły zawierające grupy sieciowe w atrybucie komputera"
-#: src/config/SSSDConfig/__init__.py.in:375
+#: src/config/SSSDConfig/__init__.py.in:378
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
"Określa, czy zawierać reguły zawierające wyrażenia regularne w atrybucie "
"komputera"
-#: src/config/SSSDConfig/__init__.py.in:376
+#: src/config/SSSDConfig/__init__.py.in:379
msgid "Object class for sudo rules"
msgstr "Klasa obiektów dla reguł sudo"
-#: src/config/SSSDConfig/__init__.py.in:377
+#: src/config/SSSDConfig/__init__.py.in:380
msgid "Sudo rule name"
msgstr "Nazwa reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:378
+#: src/config/SSSDConfig/__init__.py.in:381
msgid "Sudo rule command attribute"
msgstr "Atrybut polecenia reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:379
+#: src/config/SSSDConfig/__init__.py.in:382
msgid "Sudo rule host attribute"
msgstr "Atrybut komputera reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:380
+#: src/config/SSSDConfig/__init__.py.in:383
msgid "Sudo rule user attribute"
msgstr "Atrybut użytkownika reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:381
+#: src/config/SSSDConfig/__init__.py.in:384
msgid "Sudo rule option attribute"
msgstr "Atrybut opcji reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:382
+#: src/config/SSSDConfig/__init__.py.in:385
msgid "Sudo rule runas attribute"
msgstr "Atrybut runas reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:383
+#: src/config/SSSDConfig/__init__.py.in:386
msgid "Sudo rule runasuser attribute"
msgstr "Atrybut runasuser reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:384
+#: src/config/SSSDConfig/__init__.py.in:387
msgid "Sudo rule runasgroup attribute"
msgstr "Atrybut runasgroup reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:385
+#: src/config/SSSDConfig/__init__.py.in:388
msgid "Sudo rule notbefore attribute"
msgstr "Atrybut notbefore reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:386
+#: src/config/SSSDConfig/__init__.py.in:389
msgid "Sudo rule notafter attribute"
msgstr "Atrybut notafter reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:387
+#: src/config/SSSDConfig/__init__.py.in:390
msgid "Sudo rule order attribute"
msgstr "Atrybut kolejności reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:390
+#: src/config/SSSDConfig/__init__.py.in:393
msgid "Object class for automounter maps"
msgstr "Klasa obiektów dla map automountera"
-#: src/config/SSSDConfig/__init__.py.in:391
+#: src/config/SSSDConfig/__init__.py.in:394
msgid "Automounter map name attribute"
msgstr "Atrybut nazwy mapy automountera"
-#: src/config/SSSDConfig/__init__.py.in:392
+#: src/config/SSSDConfig/__init__.py.in:395
msgid "Object class for automounter map entries"
msgstr "Klasa obiektów dla wpisów map automountera"
-#: src/config/SSSDConfig/__init__.py.in:393
+#: src/config/SSSDConfig/__init__.py.in:396
msgid "Automounter map entry key attribute"
msgstr "Atrybut klucza wpisu mapy automountera"
-#: src/config/SSSDConfig/__init__.py.in:394
+#: src/config/SSSDConfig/__init__.py.in:397
msgid "Automounter map entry value attribute"
msgstr "Atrybut wartości wpisu mapy automountera"
-#: src/config/SSSDConfig/__init__.py.in:395
+#: src/config/SSSDConfig/__init__.py.in:398
msgid "Base DN for automounter map lookups"
msgstr "Podstawowe DN dla wyszukiwań map automountera"
-#: src/config/SSSDConfig/__init__.py.in:398
+#: src/config/SSSDConfig/__init__.py.in:401
msgid "Comma separated list of allowed users"
msgstr "Lista dozwolonych użytkowników oddzielonych przecinkami"
-#: src/config/SSSDConfig/__init__.py.in:399
+#: src/config/SSSDConfig/__init__.py.in:402
msgid "Comma separated list of prohibited users"
msgstr "Lista zabronionych użytkowników oddzielonych przecinkami"
-#: src/config/SSSDConfig/__init__.py.in:402
+#: src/config/SSSDConfig/__init__.py.in:405
msgid "Default shell, /bin/bash"
msgstr "Domyślna powłoka, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:403
+#: src/config/SSSDConfig/__init__.py.in:406
msgid "Base for home directories"
msgstr "Podstawa katalogów domowych"
-#: src/config/SSSDConfig/__init__.py.in:406
+#: src/config/SSSDConfig/__init__.py.in:409
msgid "The name of the NSS library to use"
msgstr "Nazwa używanej biblioteki NSS"
-#: src/config/SSSDConfig/__init__.py.in:407
+#: src/config/SSSDConfig/__init__.py.in:410
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
"Określa, czy wyszukiwać kanoniczną nazwę grupy w pamięci podręcznej, jeśli "
"to możliwe"
-#: src/config/SSSDConfig/__init__.py.in:410
+#: src/config/SSSDConfig/__init__.py.in:413
msgid "PAM stack to use"
msgstr "Używany stos PAM"
@@ -1309,26 +1321,26 @@ msgstr "Podaje niedomyślny plik konfiguracji"
msgid "Print version number and exit"
msgstr "Wyświetla numer wersji i kończy działanie"
-#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:589
+#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:609
#: src/util/util.h:108
msgid "Debug level"
msgstr "Poziom debugowania"
-#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:591
+#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:611
#: src/util/util.h:114
msgid "Add debug timestamps"
msgstr "Dodaje czasy debugowania"
-#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:593
+#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:613
#: src/util/util.h:116
msgid "Show timestamps with microseconds"
msgstr "Wyświetlanie dat z mikrosekundami"
-#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:595
+#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:615
msgid "An open file descriptor for the debug logs"
msgstr "Otwiera deskryptor pliku dla dzienników debugowania"
-#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:597
+#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:617
#: src/util/util.h:112
msgid "Send the debug output to stderr directly."
msgstr ""
@@ -1342,69 +1354,78 @@ msgstr ""
msgid "The group to create FAST ccache as"
msgstr ""
-#: src/providers/data_provider_be.c:2833
+#: src/providers/data_provider_be.c:2834
msgid "Domain of the information provider (mandatory)"
msgstr "Domena dostawcy informacji (wymagane)"
-#: src/sss_client/common.c:969
+#: src/sss_client/common.c:971
msgid "Privileged socket has wrong ownership or permissions."
msgstr "Uprawnione gniazdo posiada błędnego właściciela lub uprawnienia."
-#: src/sss_client/common.c:972
+#: src/sss_client/common.c:974
msgid "Public socket has wrong ownership or permissions."
msgstr "Publiczne gniazdo posiada błędnego właściciela lub uprawnienia"
-#: src/sss_client/common.c:975
+#: src/sss_client/common.c:977
msgid "Unexpected format of the server credential message."
msgstr "Nieoczekiwany format komunikatu uwierzytelniającego serwera."
-#: src/sss_client/common.c:978
+#: src/sss_client/common.c:980
msgid "SSSD is not run by root."
msgstr "SSSD nie zostało uruchomione w trybie roota."
-#: src/sss_client/common.c:983
+#: src/sss_client/common.c:985
msgid "An error occurred, but no description can be found."
msgstr "Wystąpił błąd, ale nie odnaleziono jego opisu."
-#: src/sss_client/common.c:989
+#: src/sss_client/common.c:991
msgid "Unexpected error while looking for an error description"
msgstr "Nieoczekiwany błąd podczas wyszukiwania opisu błędu"
-#: src/sss_client/pam_sss.c:398
+#: src/sss_client/pam_sss.c:63
+msgid "Permission denied. "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:64 src/sss_client/pam_sss.c:883
+#: src/sss_client/pam_sss.c:894
+msgid "Server message: "
+msgstr "Komunikat serwera: "
+
+#: src/sss_client/pam_sss.c:401
msgid "Passwords do not match"
msgstr "Hasła nie zgadzają się"
-#: src/sss_client/pam_sss.c:586
+#: src/sss_client/pam_sss.c:589
msgid "Password reset by root is not supported."
msgstr "Przywrócenie hasła przez użytkownika root nie jest obsługiwane."
-#: src/sss_client/pam_sss.c:627
+#: src/sss_client/pam_sss.c:630
msgid "Authenticated with cached credentials"
msgstr "Uwierzytelniono za pomocą danych z pamięci podręcznej"
-#: src/sss_client/pam_sss.c:628
+#: src/sss_client/pam_sss.c:631
msgid ", your cached password will expire at: "
msgstr ", hasło w pamięci podręcznej wygaśnie za: "
-#: src/sss_client/pam_sss.c:658
+#: src/sss_client/pam_sss.c:661
#, c-format
msgid "Your password has expired. You have %1$d grace login(s) remaining."
msgstr "Hasło wygasło. Pozostało %1$d możliwych logowań."
-#: src/sss_client/pam_sss.c:704
+#: src/sss_client/pam_sss.c:707
#, c-format
msgid "Your password will expire in %1$d %2$s."
msgstr "Hasło wygaśnie za %1$d %2$s."
-#: src/sss_client/pam_sss.c:753
+#: src/sss_client/pam_sss.c:756
msgid "Authentication is denied until: "
msgstr "Uwierzytelnianie jest zabronione do: "
-#: src/sss_client/pam_sss.c:774
+#: src/sss_client/pam_sss.c:777
msgid "System is offline, password change not possible"
msgstr "System jest w trybie offline, zmiana hasła nie jest możliwa"
-#: src/sss_client/pam_sss.c:789
+#: src/sss_client/pam_sss.c:792
msgid ""
"After changing the OTP password, you need to log out and back in order to "
"acquire a ticket"
@@ -1412,31 +1433,27 @@ msgstr ""
"Po zmianie hasła OTP należy się wylogować i zalogować ponownie, aby uzyskać "
"zgłoszenie"
-#: src/sss_client/pam_sss.c:820 src/sss_client/pam_sss.c:833
+#: src/sss_client/pam_sss.c:880 src/sss_client/pam_sss.c:893
msgid "Password change failed. "
msgstr "Zmiana hasła nie powiodła się. "
-#: src/sss_client/pam_sss.c:823 src/sss_client/pam_sss.c:834
-msgid "Server message: "
-msgstr "Komunikat serwera: "
-
-#: src/sss_client/pam_sss.c:1274
+#: src/sss_client/pam_sss.c:1336
msgid "New Password: "
msgstr "Nowe hasło: "
-#: src/sss_client/pam_sss.c:1275
+#: src/sss_client/pam_sss.c:1337
msgid "Reenter new Password: "
msgstr "Proszę ponownie podać nowe hasło: "
-#: src/sss_client/pam_sss.c:1374
+#: src/sss_client/pam_sss.c:1436
msgid "Password: "
msgstr "Hasło: "
-#: src/sss_client/pam_sss.c:1406
+#: src/sss_client/pam_sss.c:1468
msgid "Current Password: "
msgstr "Bieżące hasło: "
-#: src/sss_client/pam_sss.c:1582
+#: src/sss_client/pam_sss.c:1644
msgid "Password expired. Change your password now."
msgstr "Hasło wygasło. Proszę je zmienić teraz."
diff --git a/po/pt.po b/po/pt.po
index 55a6093f3..789d3fd05 100644
--- a/po/pt.po
+++ b/po/pt.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2015-02-18 16:53+0100\n"
+"POT-Creation-Date: 2015-06-12 10:37+0200\n"
"PO-Revision-Date: 2014-06-04 02:04-0400\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Portuguese (http://www.transifex.com/projects/p/sssd/language/"
@@ -17,7 +17,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#: src/config/SSSDConfig/__init__.py.in:43
msgid "Set the verbosity of the debug logging"
@@ -103,7 +103,7 @@ msgid "Entry cache background update timeout length (seconds)"
msgstr "Validade da actualização da cache em segundo plano (segundos)"
#: src/config/SSSDConfig/__init__.py.in:67
-#: src/config/SSSDConfig/__init__.py.in:96
+#: src/config/SSSDConfig/__init__.py.in:97
msgid "Negative cache timeout length (seconds)"
msgstr "Validade da cache negativa (segundos)"
@@ -202,1031 +202,1043 @@ msgstr ""
msgid "List of domains accessible even for untrusted users."
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:93
+#: src/config/SSSDConfig/__init__.py.in:91
+msgid "Message printed when user account is expired."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:94
msgid "Whether to evaluate the time-based attributes in sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:99
+#: src/config/SSSDConfig/__init__.py.in:100
msgid "Whether to hash host names and addresses in the known_hosts file"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:100
+#: src/config/SSSDConfig/__init__.py.in:101
msgid ""
"How many seconds to keep a host in the known_hosts file after its host keys "
"were requested"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:103
+#: src/config/SSSDConfig/__init__.py.in:104
msgid "List of UIDs or user names allowed to access the PAC responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:106
+#: src/config/SSSDConfig/__init__.py.in:107
msgid "List of UIDs or user names allowed to access the InfoPipe responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:107
+#: src/config/SSSDConfig/__init__.py.in:108
msgid "List of user attributes the InfoPipe is allowed to publish"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:110
+#: src/config/SSSDConfig/__init__.py.in:111
msgid "Identity provider"
msgstr "Fornecedor de identidade"
-#: src/config/SSSDConfig/__init__.py.in:111
+#: src/config/SSSDConfig/__init__.py.in:112
msgid "Authentication provider"
msgstr "Fornecedor de autenticação"
-#: src/config/SSSDConfig/__init__.py.in:112
+#: src/config/SSSDConfig/__init__.py.in:113
msgid "Access control provider"
msgstr "Fornecedor de controle de acesso"
-#: src/config/SSSDConfig/__init__.py.in:113
+#: src/config/SSSDConfig/__init__.py.in:114
msgid "Password change provider"
msgstr "Fornecedor de Alteração de Senha"
-#: src/config/SSSDConfig/__init__.py.in:114
+#: src/config/SSSDConfig/__init__.py.in:115
msgid "SUDO provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid "Autofs provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "Session-loading provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "Host identity provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Minimum user ID"
msgstr "ID de utilizador mínimo"
-#: src/config/SSSDConfig/__init__.py.in:121
+#: src/config/SSSDConfig/__init__.py.in:122
msgid "Maximum user ID"
msgstr "ID de utilizador máximo"
-#: src/config/SSSDConfig/__init__.py.in:122
+#: src/config/SSSDConfig/__init__.py.in:123
msgid "Enable enumerating all users/groups"
msgstr "Permitir enumeração de todos os utilizadores/grupos"
-#: src/config/SSSDConfig/__init__.py.in:123
+#: src/config/SSSDConfig/__init__.py.in:124
msgid "Cache credentials for offline login"
msgstr "Efectuar cache de credenciais para sessões em modo desligado"
-#: src/config/SSSDConfig/__init__.py.in:124
+#: src/config/SSSDConfig/__init__.py.in:125
msgid "Store password hashes"
msgstr "Guardar hashes da senha"
-#: src/config/SSSDConfig/__init__.py.in:125
+#: src/config/SSSDConfig/__init__.py.in:126
msgid "Display users/groups in fully-qualified form"
msgstr "Apresentar utilizadores/grupos na forma completa"
-#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Don't include group members in group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:127
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:128
#: src/config/SSSDConfig/__init__.py.in:135
#: src/config/SSSDConfig/__init__.py.in:136
#: src/config/SSSDConfig/__init__.py.in:137
#: src/config/SSSDConfig/__init__.py.in:138
#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Entry cache timeout length (seconds)"
msgstr "Validade da cache (segundos)"
-#: src/config/SSSDConfig/__init__.py.in:128
+#: src/config/SSSDConfig/__init__.py.in:129
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
"Restringir ou preferir famílias de endereços especificas quando efectua "
"consultas DNS"
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
"Durante quanto tempo devem ser permitidas as caches de sessões entre sessões "
"bem sucedidas (dias)"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Override GID value from the identity provider with this value"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Treat usernames as case sensitive"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "How often should expired entries be refreshed in background"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:142
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:143
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:143
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "How often to periodically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Whether the nsupdate utility should default to using TCP"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Control enumeration of trusted domains"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "How often should subdomains list be refreshed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:151
+msgid "List of options that should be inherited into a subdomain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "IPA domain"
msgstr "Domínio IPA"
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "IPA server address"
msgstr "Endereço do servidor IPA"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "IPA client hostname"
msgstr "Nome da máquina do cliente IPA"
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:162
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:163
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:168
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Search base for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Objectclass for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Attribute with the name of the view"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Objectclass for override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Attribute with the reference to the original object"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Objectclass for user override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Objectclass for group override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:182
-#: src/config/SSSDConfig/__init__.py.in:357
+#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:360
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Whether to use the Global Catalog for lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Operation mode for GPO-based access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:187
msgid ""
"The amount of time between lookups of the GPO policy files against the AD "
"server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:188
msgid ""
"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy "
"settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid ""
"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight "
"policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid ""
"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid ""
"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid ""
"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "PAM service names for which GPO-based access is always granted"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "PAM service names for which GPO-based access is always denied"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid ""
"Default logon right (or permit/deny) to use for unmapped PAM service names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "a particular site to be used by the client"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Kerberos server address"
msgstr "Endereço do servidor Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "Kerberos realm"
msgstr "Reino Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Authentication timeout"
msgstr "Tempo de expiração da autenticação"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "Whether to create kdcinfo files"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Where to drop krb5 config snippets"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Directory to store credential caches"
msgstr "Directório para armazenar as caches de credenciais"
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Location of the user's credential cache"
msgstr "Localização da cache de credenciais dos utilizadores"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Location of the keytab to validate credentials"
msgstr "Localização da tabela de chaves (keytab) para validar credenciais"
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Enable credential validation"
msgstr "Activar validação de credenciais"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Enables enterprise principals"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:220
-#: src/config/SSSDConfig/__init__.py.in:221
+msgid "A mapping from user names to kerberos principal names"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"Servidor onde está em execução o serviço de alteração de senha, se não "
"coincide com o KDC"
-#: src/config/SSSDConfig/__init__.py.in:224
+#: src/config/SSSDConfig/__init__.py.in:227
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, O URI do servidor LDAP"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "The default base DN"
msgstr "A base DN por omissão"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "O tipo de Schema em utilização no servidor LDAP, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "The default bind DN"
msgstr "O DN por omissão para a ligação"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "The type of the authentication token of the default bind DN"
msgstr "O tipo de token de autenticação do bind DN por omissão"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "The authentication token of the default bind DN"
msgstr "O token de autenticação do bind DN por omissão"
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Length of time to attempt connection"
msgstr "Período de tempo para tentar ligação"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Tempo de espera para tentar operações LDAP síncronas"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Length of time between attempts to reconnect while offline"
msgstr "Tempo de espera entre tentativas para re-conectar quando desligado"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "File that contains CA certificates"
msgstr "Ficheiro que contêm os certificados CA"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Path to CA certificate directory"
msgstr "Caminho para o directório do certificado CA"
-#: src/config/SSSDConfig/__init__.py.in:237
+#: src/config/SSSDConfig/__init__.py.in:240
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "Require TLS certificate verification"
msgstr "Obriga a verificação de certificados TLS"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Specify the sasl mechanism to use"
msgstr "Especificar mecanismo sasl a utilizar"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Specify the sasl authorization id to use"
msgstr "Especifique o id sasl para utilizar na autorização"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Kerberos service keytab"
msgstr "Separador chave do serviço Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Use Kerberos auth for LDAP connection"
msgstr "Utilizar autenticação Kerberos para ligações LDAP"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Follow LDAP referrals"
msgstr "Seguir os referrals LDAP"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "Disable the LDAP paging control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Disable Active Directory range retrieval"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "Length of time to wait for a search request"
msgstr "Tempo de espera por um pedido de pesquisa"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Length of time between enumeration updates"
msgstr "Período de tempo entre enumeração de actualizações"
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Require TLS for ID lookups"
msgstr "Requer TLS para consultas de ID"
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Base DN for user lookups"
msgstr "DN base para pesquisa de utilizadores"
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Scope of user lookups"
msgstr "Âmbito das pesquisas do utilizador"
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Filter for user lookups"
msgstr "Filtro para as pesquisas do utilizador"
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for users"
msgstr "Objectclass para utilizadores"
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Username attribute"
msgstr "Atributo do nome do utilizador"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "UID attribute"
msgstr "Atributo UID"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Primary GID attribute"
msgstr "Atributo GID primário"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "GECOS attribute"
msgstr "Atributo GECOS"
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Home directory attribute"
msgstr "Atributo da pasta pessoal"
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Shell attribute"
msgstr "Atributo da Shell"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
#, fuzzy
msgid "UUID attribute"
msgstr "Atributo UID"
-#: src/config/SSSDConfig/__init__.py.in:282
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "User principal attribute (for Kerberos)"
msgstr "Atributo principal do utilizador (para Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Full Name"
msgstr "Nome Completo"
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "memberOf attribute"
msgstr "Atributo memberOf"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Modification time attribute"
msgstr "Atributo da alteração da data"
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:299
+#: src/config/SSSDConfig/__init__.py.in:302
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "A list of extra attributes to download along with the user entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:310
+#: src/config/SSSDConfig/__init__.py.in:313
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
#, fuzzy
msgid "Group UUID attribute"
msgstr "Atributo UID"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Type of the group and other flags"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:344
+#: src/config/SSSDConfig/__init__.py.in:347
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Whether to use Token-Groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Set lower boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Set upper boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "DN for ppolicy queries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Policy to evaluate the password expiration"
msgstr "Politica para avaliar a expiração da senha"
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:364
+#: src/config/SSSDConfig/__init__.py.in:367
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:365
+#: src/config/SSSDConfig/__init__.py.in:368
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:368
+#: src/config/SSSDConfig/__init__.py.in:371
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:369
+#: src/config/SSSDConfig/__init__.py.in:372
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:370
+#: src/config/SSSDConfig/__init__.py.in:373
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:371
+#: src/config/SSSDConfig/__init__.py.in:374
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:372
+#: src/config/SSSDConfig/__init__.py.in:375
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:373
+#: src/config/SSSDConfig/__init__.py.in:376
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:374
+#: src/config/SSSDConfig/__init__.py.in:377
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:375
+#: src/config/SSSDConfig/__init__.py.in:378
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:376
+#: src/config/SSSDConfig/__init__.py.in:379
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:377
+#: src/config/SSSDConfig/__init__.py.in:380
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:378
+#: src/config/SSSDConfig/__init__.py.in:381
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:379
+#: src/config/SSSDConfig/__init__.py.in:382
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:380
+#: src/config/SSSDConfig/__init__.py.in:383
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:381
+#: src/config/SSSDConfig/__init__.py.in:384
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:382
+#: src/config/SSSDConfig/__init__.py.in:385
msgid "Sudo rule runas attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:383
+#: src/config/SSSDConfig/__init__.py.in:386
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:384
+#: src/config/SSSDConfig/__init__.py.in:387
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:385
+#: src/config/SSSDConfig/__init__.py.in:388
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:386
+#: src/config/SSSDConfig/__init__.py.in:389
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:387
+#: src/config/SSSDConfig/__init__.py.in:390
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:390
+#: src/config/SSSDConfig/__init__.py.in:393
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:391
+#: src/config/SSSDConfig/__init__.py.in:394
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:392
+#: src/config/SSSDConfig/__init__.py.in:395
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:393
+#: src/config/SSSDConfig/__init__.py.in:396
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:394
+#: src/config/SSSDConfig/__init__.py.in:397
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:395
+#: src/config/SSSDConfig/__init__.py.in:398
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:398
+#: src/config/SSSDConfig/__init__.py.in:401
msgid "Comma separated list of allowed users"
msgstr "Lista de utilizadores autorizados separados por vírgulas"
-#: src/config/SSSDConfig/__init__.py.in:399
+#: src/config/SSSDConfig/__init__.py.in:402
msgid "Comma separated list of prohibited users"
msgstr "Lista de utilizadores não autorizados separados por vírgulas"
-#: src/config/SSSDConfig/__init__.py.in:402
+#: src/config/SSSDConfig/__init__.py.in:405
msgid "Default shell, /bin/bash"
msgstr "Shell pré-definida, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:403
+#: src/config/SSSDConfig/__init__.py.in:406
msgid "Base for home directories"
msgstr "Directório base para as pastas pessoais"
-#: src/config/SSSDConfig/__init__.py.in:406
+#: src/config/SSSDConfig/__init__.py.in:409
msgid "The name of the NSS library to use"
msgstr "O nome da biblioteca NSS a utilizar"
-#: src/config/SSSDConfig/__init__.py.in:407
+#: src/config/SSSDConfig/__init__.py.in:410
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:410
+#: src/config/SSSDConfig/__init__.py.in:413
msgid "PAM stack to use"
msgstr "Stack PAM a utilizar"
@@ -1246,26 +1258,26 @@ msgstr "Especificar um ficheiro de configuração não standard"
msgid "Print version number and exit"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:589
+#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:609
#: src/util/util.h:108
msgid "Debug level"
msgstr "Nível de depuração"
-#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:591
+#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:611
#: src/util/util.h:114
msgid "Add debug timestamps"
msgstr "Adicionar tempos na depuração"
-#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:593
+#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:613
#: src/util/util.h:116
msgid "Show timestamps with microseconds"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:595
+#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:615
msgid "An open file descriptor for the debug logs"
msgstr "Um descritor de ficheiro aberto para os registos de depuração"
-#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:597
+#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:617
#: src/util/util.h:112
msgid "Send the debug output to stderr directly."
msgstr ""
@@ -1278,99 +1290,104 @@ msgstr ""
msgid "The group to create FAST ccache as"
msgstr ""
-#: src/providers/data_provider_be.c:2833
+#: src/providers/data_provider_be.c:2834
msgid "Domain of the information provider (mandatory)"
msgstr "Domínio do fornecedor de informação (obrigatório)"
-#: src/sss_client/common.c:969
+#: src/sss_client/common.c:971
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:972
+#: src/sss_client/common.c:974
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:975
+#: src/sss_client/common.c:977
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:978
+#: src/sss_client/common.c:980
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:983
+#: src/sss_client/common.c:985
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:989
+#: src/sss_client/common.c:991
msgid "Unexpected error while looking for an error description"
msgstr ""
-#: src/sss_client/pam_sss.c:398
+#: src/sss_client/pam_sss.c:63
+msgid "Permission denied. "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:64 src/sss_client/pam_sss.c:883
+#: src/sss_client/pam_sss.c:894
+msgid "Server message: "
+msgstr "Mensagem do Servidor: "
+
+#: src/sss_client/pam_sss.c:401
msgid "Passwords do not match"
msgstr "Senhas não coincidem"
-#: src/sss_client/pam_sss.c:586
+#: src/sss_client/pam_sss.c:589
msgid "Password reset by root is not supported."
msgstr ""
-#: src/sss_client/pam_sss.c:627
+#: src/sss_client/pam_sss.c:630
msgid "Authenticated with cached credentials"
msgstr ""
-#: src/sss_client/pam_sss.c:628
+#: src/sss_client/pam_sss.c:631
msgid ", your cached password will expire at: "
msgstr ", a sua senha guardada em cache irá expirar em: "
-#: src/sss_client/pam_sss.c:658
+#: src/sss_client/pam_sss.c:661
#, c-format
msgid "Your password has expired. You have %1$d grace login(s) remaining."
msgstr ""
-#: src/sss_client/pam_sss.c:704
+#: src/sss_client/pam_sss.c:707
#, c-format
msgid "Your password will expire in %1$d %2$s."
msgstr ""
-#: src/sss_client/pam_sss.c:753
+#: src/sss_client/pam_sss.c:756
msgid "Authentication is denied until: "
msgstr ""
-#: src/sss_client/pam_sss.c:774
+#: src/sss_client/pam_sss.c:777
msgid "System is offline, password change not possible"
msgstr "O sistema está offline, a mudança de senha não é possível"
-#: src/sss_client/pam_sss.c:789
+#: src/sss_client/pam_sss.c:792
msgid ""
"After changing the OTP password, you need to log out and back in order to "
"acquire a ticket"
msgstr ""
-#: src/sss_client/pam_sss.c:820 src/sss_client/pam_sss.c:833
+#: src/sss_client/pam_sss.c:880 src/sss_client/pam_sss.c:893
msgid "Password change failed. "
msgstr "Alteração da senha falhou."
-#: src/sss_client/pam_sss.c:823 src/sss_client/pam_sss.c:834
-msgid "Server message: "
-msgstr "Mensagem do Servidor: "
-
-#: src/sss_client/pam_sss.c:1274
+#: src/sss_client/pam_sss.c:1336
msgid "New Password: "
msgstr "Nova Senha: "
-#: src/sss_client/pam_sss.c:1275
+#: src/sss_client/pam_sss.c:1337
msgid "Reenter new Password: "
msgstr "Digite a senha novamente: "
-#: src/sss_client/pam_sss.c:1374
+#: src/sss_client/pam_sss.c:1436
msgid "Password: "
msgstr "Senha: "
-#: src/sss_client/pam_sss.c:1406
+#: src/sss_client/pam_sss.c:1468
msgid "Current Password: "
msgstr "Senha actual: "
-#: src/sss_client/pam_sss.c:1582
+#: src/sss_client/pam_sss.c:1644
msgid "Password expired. Change your password now."
msgstr "A senha expirou. Altere a sua senha agora."
diff --git a/po/ru.po b/po/ru.po
index 35dfef5c0..f912fe26f 100644
--- a/po/ru.po
+++ b/po/ru.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2015-02-18 16:53+0100\n"
+"POT-Creation-Date: 2015-06-12 10:37+0200\n"
"PO-Revision-Date: 2014-06-04 02:04-0400\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Russian (http://www.transifex.com/projects/p/sssd/language/"
@@ -19,7 +19,7 @@ msgstr ""
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n"
"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#: src/config/SSSDConfig/__init__.py.in:43
msgid "Set the verbosity of the debug logging"
@@ -105,7 +105,7 @@ msgid "Entry cache background update timeout length (seconds)"
msgstr "Тайм-аут фонового обновления элемента списка кэша (в секундах)"
#: src/config/SSSDConfig/__init__.py.in:67
-#: src/config/SSSDConfig/__init__.py.in:96
+#: src/config/SSSDConfig/__init__.py.in:97
msgid "Negative cache timeout length (seconds)"
msgstr "Отрицательная длина тайм-аута кэша (в секундах)"
@@ -203,1032 +203,1044 @@ msgstr ""
msgid "List of domains accessible even for untrusted users."
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:93
+#: src/config/SSSDConfig/__init__.py.in:91
+msgid "Message printed when user account is expired."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:94
msgid "Whether to evaluate the time-based attributes in sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:99
+#: src/config/SSSDConfig/__init__.py.in:100
msgid "Whether to hash host names and addresses in the known_hosts file"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:100
+#: src/config/SSSDConfig/__init__.py.in:101
msgid ""
"How many seconds to keep a host in the known_hosts file after its host keys "
"were requested"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:103
+#: src/config/SSSDConfig/__init__.py.in:104
msgid "List of UIDs or user names allowed to access the PAC responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:106
+#: src/config/SSSDConfig/__init__.py.in:107
msgid "List of UIDs or user names allowed to access the InfoPipe responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:107
+#: src/config/SSSDConfig/__init__.py.in:108
msgid "List of user attributes the InfoPipe is allowed to publish"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:110
+#: src/config/SSSDConfig/__init__.py.in:111
msgid "Identity provider"
msgstr "Поставщик данных для идентификации"
-#: src/config/SSSDConfig/__init__.py.in:111
+#: src/config/SSSDConfig/__init__.py.in:112
msgid "Authentication provider"
msgstr "Поставщик данных для проверки подлинности"
-#: src/config/SSSDConfig/__init__.py.in:112
+#: src/config/SSSDConfig/__init__.py.in:113
msgid "Access control provider"
msgstr "Поставщик данных для контроля доступа"
-#: src/config/SSSDConfig/__init__.py.in:113
+#: src/config/SSSDConfig/__init__.py.in:114
msgid "Password change provider"
msgstr "Поставщик операции смены пароля"
-#: src/config/SSSDConfig/__init__.py.in:114
+#: src/config/SSSDConfig/__init__.py.in:115
msgid "SUDO provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid "Autofs provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "Session-loading provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "Host identity provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Minimum user ID"
msgstr "Минимальный ID пользователя"
-#: src/config/SSSDConfig/__init__.py.in:121
+#: src/config/SSSDConfig/__init__.py.in:122
msgid "Maximum user ID"
msgstr "Максимальный ID пользователя"
-#: src/config/SSSDConfig/__init__.py.in:122
+#: src/config/SSSDConfig/__init__.py.in:123
msgid "Enable enumerating all users/groups"
msgstr "Включить перечисление всех пользователей/групп"
-#: src/config/SSSDConfig/__init__.py.in:123
+#: src/config/SSSDConfig/__init__.py.in:124
msgid "Cache credentials for offline login"
msgstr "Кэшировать учётные данные для неинтерактивного входа"
-#: src/config/SSSDConfig/__init__.py.in:124
+#: src/config/SSSDConfig/__init__.py.in:125
msgid "Store password hashes"
msgstr "Хранить хеши паролей"
-#: src/config/SSSDConfig/__init__.py.in:125
+#: src/config/SSSDConfig/__init__.py.in:126
msgid "Display users/groups in fully-qualified form"
msgstr "Отображать пользователей/группы в полной форме"
-#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Don't include group members in group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:127
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:128
#: src/config/SSSDConfig/__init__.py.in:135
#: src/config/SSSDConfig/__init__.py.in:136
#: src/config/SSSDConfig/__init__.py.in:137
#: src/config/SSSDConfig/__init__.py.in:138
#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Entry cache timeout length (seconds)"
msgstr "Тайм-аут элемента списка кэша (в секундах)"
-#: src/config/SSSDConfig/__init__.py.in:128
+#: src/config/SSSDConfig/__init__.py.in:129
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
"Ограничивать или предпочитать определённое семейство адресов при выполнении "
"запросов DNS"
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
"Как долго хранить кэшированные элементы списка после последнего успешного "
"входа (в днях)"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr "Время ожидания ответа DNS при преобразовании имён серверов (секунд)"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "The domain part of service discovery DNS query"
msgstr "Доменная часть DNS-запроса поиска служб"
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Override GID value from the identity provider with this value"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Treat usernames as case sensitive"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "How often should expired entries be refreshed in background"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:142
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:143
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:143
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr "Интерфейс, адрес которого будет использован для обновления DNS"
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "How often to periodically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Whether the nsupdate utility should default to using TCP"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Control enumeration of trusted domains"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "How often should subdomains list be refreshed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:151
+msgid "List of options that should be inherited into a subdomain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "IPA domain"
msgstr "IPA-домен"
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "IPA server address"
msgstr "адрес сервера IPA"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "IPA client hostname"
msgstr "имя узла клиента IPA"
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr "Если требуется автоматическое обновление записи в"
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:162
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:163
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:168
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Search base for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Objectclass for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Attribute with the name of the view"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Objectclass for override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Attribute with the reference to the original object"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Objectclass for user override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Objectclass for group override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:182
-#: src/config/SSSDConfig/__init__.py.in:357
+#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:360
msgid "LDAP filter to determine access privileges"
msgstr "Фильтр LDAP для определения прав доступа"
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Whether to use the Global Catalog for lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Operation mode for GPO-based access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:187
msgid ""
"The amount of time between lookups of the GPO policy files against the AD "
"server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:188
msgid ""
"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy "
"settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid ""
"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight "
"policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid ""
"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid ""
"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid ""
"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "PAM service names for which GPO-based access is always granted"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "PAM service names for which GPO-based access is always denied"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid ""
"Default logon right (or permit/deny) to use for unmapped PAM service names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "a particular site to be used by the client"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Kerberos server address"
msgstr "Имя сервера Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "Kerberos realm"
msgstr "Область действия Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Authentication timeout"
msgstr "Тайм-аут проверки подлинности"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "Whether to create kdcinfo files"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Where to drop krb5 config snippets"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Directory to store credential caches"
msgstr "Каталог для хранения кэшей учётных данных"
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Location of the user's credential cache"
msgstr "Расположения кэша учётных данных пользователей"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Location of the keytab to validate credentials"
msgstr "Расположение keytab-файла для проверки учётных данных"
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Enable credential validation"
msgstr "Включить проверку учётных данных"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Store password if offline for later online authentication"
msgstr ""
"При отсутствии соединения сохранить пароль и пройти аутентификацию позже"
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Enables enterprise principals"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:220
-#: src/config/SSSDConfig/__init__.py.in:221
+msgid "A mapping from user names to kerberos principal names"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Server where the change password service is running if not on the KDC"
msgstr "Сервер, на котором запущена служба смены пароля (если не на KDC)"
-#: src/config/SSSDConfig/__init__.py.in:224
+#: src/config/SSSDConfig/__init__.py.in:227
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, URI сервера LDAP "
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "The default base DN"
msgstr "Base DN по умолчанию"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Тип схемы, используемой на LDAP-сервере, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "The default bind DN"
msgstr "Bind DN по умолчанию"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "The type of the authentication token of the default bind DN"
msgstr "Тип маркера проверки подлинности для bind DN по умолчанию"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "The authentication token of the default bind DN"
msgstr "Маркер проверки подлинности для bind DN по умолчанию"
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Length of time to attempt connection"
msgstr "Временной интервал для попытки соединения"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Временной интервал для попытки синхронизации операций LDAP"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
"Временной интервал между попытками возобновления соединения в автономного "
"режиме"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "File that contains CA certificates"
msgstr "Файл содержащий сертификаты CA"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Path to CA certificate directory"
msgstr "Путь к каталогу с сертификатами CA"
-#: src/config/SSSDConfig/__init__.py.in:237
+#: src/config/SSSDConfig/__init__.py.in:240
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "Require TLS certificate verification"
msgstr "Требуется проверка сертификата TLS"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Specify the sasl mechanism to use"
msgstr "Укажите механизм sasl"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Specify the sasl authorization id to use"
msgstr "Укажите идентификатор авторизации sasl"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Kerberos service keytab"
msgstr "Keytab-файл службы Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Use Kerberos auth for LDAP connection"
msgstr "Использовать проверку подлинности Kerberos для LDAP-соединения"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Follow LDAP referrals"
msgstr "Следовать ссылкам LDAP"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "Lifetime of TGT for LDAP connection"
msgstr "Время жизни TGT для LDAP-соединений"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "Disable the LDAP paging control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Disable Active Directory range retrieval"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "Length of time to wait for a search request"
msgstr "Временной интервал, в течение которого ожидать поискового запроса"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Length of time between enumeration updates"
msgstr "Временной интервал между обновлениями перечисления"
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Require TLS for ID lookups"
msgstr "Требовать TLS для запросов ID"
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Base DN for user lookups"
msgstr "Base DN для поиска"
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Scope of user lookups"
msgstr "Глубина поиска"
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Filter for user lookups"
msgstr "Фильтр поиска"
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for users"
msgstr "Objectclass для пользователей"
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Username attribute"
msgstr "Атрибут «username»"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "UID attribute"
msgstr "Атрибут «UID»"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Primary GID attribute"
msgstr "Атрибут «primary GID»"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "GECOS attribute"
msgstr "Атрибут «GECOS»"
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Home directory attribute"
msgstr "Атрибут домашнего каталога"
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Shell attribute"
msgstr "Атрибут оболочки"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
#, fuzzy
msgid "UUID attribute"
msgstr "Атрибут «UID»"
-#: src/config/SSSDConfig/__init__.py.in:282
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "User principal attribute (for Kerberos)"
msgstr "Атрибут участника-пользователя (для Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Full Name"
msgstr "Полное имя"
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "memberOf attribute"
msgstr "Атрибут memberOf"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Modification time attribute"
msgstr "Атрибут времени изменения"
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:299
+#: src/config/SSSDConfig/__init__.py.in:302
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "A list of extra attributes to download along with the user entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:310
+#: src/config/SSSDConfig/__init__.py.in:313
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
#, fuzzy
msgid "Group UUID attribute"
msgstr "Атрибут «UID»"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Type of the group and other flags"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:344
+#: src/config/SSSDConfig/__init__.py.in:347
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Whether to use Token-Groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Set lower boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Set upper boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "DN for ppolicy queries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Policy to evaluate the password expiration"
msgstr "Политика вычисления окончания срока действия пароля"
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:364
+#: src/config/SSSDConfig/__init__.py.in:367
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:365
+#: src/config/SSSDConfig/__init__.py.in:368
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:368
+#: src/config/SSSDConfig/__init__.py.in:371
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:369
+#: src/config/SSSDConfig/__init__.py.in:372
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:370
+#: src/config/SSSDConfig/__init__.py.in:373
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:371
+#: src/config/SSSDConfig/__init__.py.in:374
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:372
+#: src/config/SSSDConfig/__init__.py.in:375
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:373
+#: src/config/SSSDConfig/__init__.py.in:376
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:374
+#: src/config/SSSDConfig/__init__.py.in:377
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:375
+#: src/config/SSSDConfig/__init__.py.in:378
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:376
+#: src/config/SSSDConfig/__init__.py.in:379
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:377
+#: src/config/SSSDConfig/__init__.py.in:380
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:378
+#: src/config/SSSDConfig/__init__.py.in:381
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:379
+#: src/config/SSSDConfig/__init__.py.in:382
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:380
+#: src/config/SSSDConfig/__init__.py.in:383
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:381
+#: src/config/SSSDConfig/__init__.py.in:384
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:382
+#: src/config/SSSDConfig/__init__.py.in:385
msgid "Sudo rule runas attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:383
+#: src/config/SSSDConfig/__init__.py.in:386
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:384
+#: src/config/SSSDConfig/__init__.py.in:387
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:385
+#: src/config/SSSDConfig/__init__.py.in:388
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:386
+#: src/config/SSSDConfig/__init__.py.in:389
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:387
+#: src/config/SSSDConfig/__init__.py.in:390
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:390
+#: src/config/SSSDConfig/__init__.py.in:393
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:391
+#: src/config/SSSDConfig/__init__.py.in:394
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:392
+#: src/config/SSSDConfig/__init__.py.in:395
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:393
+#: src/config/SSSDConfig/__init__.py.in:396
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:394
+#: src/config/SSSDConfig/__init__.py.in:397
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:395
+#: src/config/SSSDConfig/__init__.py.in:398
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:398
+#: src/config/SSSDConfig/__init__.py.in:401
msgid "Comma separated list of allowed users"
msgstr "Разделённый запятыми список разрешённых пользователей"
-#: src/config/SSSDConfig/__init__.py.in:399
+#: src/config/SSSDConfig/__init__.py.in:402
msgid "Comma separated list of prohibited users"
msgstr "Разделённый запятыми список запрещённых пользователей"
-#: src/config/SSSDConfig/__init__.py.in:402
+#: src/config/SSSDConfig/__init__.py.in:405
msgid "Default shell, /bin/bash"
msgstr "Оболочка по умолчанию, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:403
+#: src/config/SSSDConfig/__init__.py.in:406
msgid "Base for home directories"
msgstr "Место для домашних каталогов"
-#: src/config/SSSDConfig/__init__.py.in:406
+#: src/config/SSSDConfig/__init__.py.in:409
msgid "The name of the NSS library to use"
msgstr "Имя используемой библиотеки NSS"
-#: src/config/SSSDConfig/__init__.py.in:407
+#: src/config/SSSDConfig/__init__.py.in:410
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:410
+#: src/config/SSSDConfig/__init__.py.in:413
msgid "PAM stack to use"
msgstr "Используемый стек PAM"
@@ -1248,26 +1260,26 @@ msgstr "Указать файл конфигурации"
msgid "Print version number and exit"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:589
+#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:609
#: src/util/util.h:108
msgid "Debug level"
msgstr "Уровень отладки"
-#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:591
+#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:611
#: src/util/util.h:114
msgid "Add debug timestamps"
msgstr "Добавить отладочные отметки времени"
-#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:593
+#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:613
#: src/util/util.h:116
msgid "Show timestamps with microseconds"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:595
+#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:615
msgid "An open file descriptor for the debug logs"
msgstr "Открытый дескриптор файла для журналов отладки"
-#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:597
+#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:617
#: src/util/util.h:112
msgid "Send the debug output to stderr directly."
msgstr ""
@@ -1280,101 +1292,106 @@ msgstr ""
msgid "The group to create FAST ccache as"
msgstr ""
-#: src/providers/data_provider_be.c:2833
+#: src/providers/data_provider_be.c:2834
msgid "Domain of the information provider (mandatory)"
msgstr "Домен поставщика информации (обязательный)"
-#: src/sss_client/common.c:969
+#: src/sss_client/common.c:971
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
"Для привилегированного сокета установлен неверный владелец или права доступа."
-#: src/sss_client/common.c:972
+#: src/sss_client/common.c:974
msgid "Public socket has wrong ownership or permissions."
msgstr ""
"Для общедоступного сокета установлен неверный владелец или права доступа."
-#: src/sss_client/common.c:975
+#: src/sss_client/common.c:977
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:978
+#: src/sss_client/common.c:980
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:983
+#: src/sss_client/common.c:985
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:989
+#: src/sss_client/common.c:991
msgid "Unexpected error while looking for an error description"
msgstr ""
-#: src/sss_client/pam_sss.c:398
+#: src/sss_client/pam_sss.c:63
+msgid "Permission denied. "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:64 src/sss_client/pam_sss.c:883
+#: src/sss_client/pam_sss.c:894
+msgid "Server message: "
+msgstr "Сообщение сервера:"
+
+#: src/sss_client/pam_sss.c:401
msgid "Passwords do not match"
msgstr "Пароли не совпадают"
-#: src/sss_client/pam_sss.c:586
+#: src/sss_client/pam_sss.c:589
msgid "Password reset by root is not supported."
msgstr ""
-#: src/sss_client/pam_sss.c:627
+#: src/sss_client/pam_sss.c:630
msgid "Authenticated with cached credentials"
msgstr ""
-#: src/sss_client/pam_sss.c:628
+#: src/sss_client/pam_sss.c:631
msgid ", your cached password will expire at: "
msgstr ", срок действия вашего кэшированного пароль истечёт:"
-#: src/sss_client/pam_sss.c:658
+#: src/sss_client/pam_sss.c:661
#, c-format
msgid "Your password has expired. You have %1$d grace login(s) remaining."
msgstr ""
-#: src/sss_client/pam_sss.c:704
+#: src/sss_client/pam_sss.c:707
#, c-format
msgid "Your password will expire in %1$d %2$s."
msgstr ""
-#: src/sss_client/pam_sss.c:753
+#: src/sss_client/pam_sss.c:756
msgid "Authentication is denied until: "
msgstr ""
-#: src/sss_client/pam_sss.c:774
+#: src/sss_client/pam_sss.c:777
msgid "System is offline, password change not possible"
msgstr "Система находится в автономном режиме, невозможно сменить пароль"
-#: src/sss_client/pam_sss.c:789
+#: src/sss_client/pam_sss.c:792
msgid ""
"After changing the OTP password, you need to log out and back in order to "
"acquire a ticket"
msgstr ""
-#: src/sss_client/pam_sss.c:820 src/sss_client/pam_sss.c:833
+#: src/sss_client/pam_sss.c:880 src/sss_client/pam_sss.c:893
msgid "Password change failed. "
msgstr "Не удалось сменить пароль."
-#: src/sss_client/pam_sss.c:823 src/sss_client/pam_sss.c:834
-msgid "Server message: "
-msgstr "Сообщение сервера:"
-
-#: src/sss_client/pam_sss.c:1274
+#: src/sss_client/pam_sss.c:1336
msgid "New Password: "
msgstr "Новый пароль:"
-#: src/sss_client/pam_sss.c:1275
+#: src/sss_client/pam_sss.c:1337
msgid "Reenter new Password: "
msgstr "Введите новый пароль ещё раз:"
-#: src/sss_client/pam_sss.c:1374
+#: src/sss_client/pam_sss.c:1436
msgid "Password: "
msgstr "Пароль:"
-#: src/sss_client/pam_sss.c:1406
+#: src/sss_client/pam_sss.c:1468
msgid "Current Password: "
msgstr "Текущий пароль:"
-#: src/sss_client/pam_sss.c:1582
+#: src/sss_client/pam_sss.c:1644
msgid "Password expired. Change your password now."
msgstr "Срок действия пароля истёк. Необходимо сейчас изменить ваш пароль."
diff --git a/po/sssd.pot b/po/sssd.pot
index d9f42f1c6..b5398e192 100644
--- a/po/sssd.pot
+++ b/po/sssd.pot
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2015-02-18 16:53+0100\n"
+"POT-Creation-Date: 2015-06-12 10:37+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -101,7 +101,7 @@ msgid "Entry cache background update timeout length (seconds)"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:67
-#: src/config/SSSDConfig/__init__.py.in:96
+#: src/config/SSSDConfig/__init__.py.in:97
msgid "Negative cache timeout length (seconds)"
msgstr ""
@@ -195,1023 +195,1035 @@ msgstr ""
msgid "List of domains accessible even for untrusted users."
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:93
+#: src/config/SSSDConfig/__init__.py.in:91
+msgid "Message printed when user account is expired."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:94
msgid "Whether to evaluate the time-based attributes in sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:99
+#: src/config/SSSDConfig/__init__.py.in:100
msgid "Whether to hash host names and addresses in the known_hosts file"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:100
+#: src/config/SSSDConfig/__init__.py.in:101
msgid ""
"How many seconds to keep a host in the known_hosts file after its host keys "
"were requested"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:103
+#: src/config/SSSDConfig/__init__.py.in:104
msgid "List of UIDs or user names allowed to access the PAC responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:106
+#: src/config/SSSDConfig/__init__.py.in:107
msgid "List of UIDs or user names allowed to access the InfoPipe responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:107
+#: src/config/SSSDConfig/__init__.py.in:108
msgid "List of user attributes the InfoPipe is allowed to publish"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:110
+#: src/config/SSSDConfig/__init__.py.in:111
msgid "Identity provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:111
+#: src/config/SSSDConfig/__init__.py.in:112
msgid "Authentication provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:112
+#: src/config/SSSDConfig/__init__.py.in:113
msgid "Access control provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:113
+#: src/config/SSSDConfig/__init__.py.in:114
msgid "Password change provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:114
+#: src/config/SSSDConfig/__init__.py.in:115
msgid "SUDO provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid "Autofs provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "Session-loading provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "Host identity provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Minimum user ID"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:121
+#: src/config/SSSDConfig/__init__.py.in:122
msgid "Maximum user ID"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:122
+#: src/config/SSSDConfig/__init__.py.in:123
msgid "Enable enumerating all users/groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:123
+#: src/config/SSSDConfig/__init__.py.in:124
msgid "Cache credentials for offline login"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:124
+#: src/config/SSSDConfig/__init__.py.in:125
msgid "Store password hashes"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:125
+#: src/config/SSSDConfig/__init__.py.in:126
msgid "Display users/groups in fully-qualified form"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Don't include group members in group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:127
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:128
#: src/config/SSSDConfig/__init__.py.in:135
#: src/config/SSSDConfig/__init__.py.in:136
#: src/config/SSSDConfig/__init__.py.in:137
#: src/config/SSSDConfig/__init__.py.in:138
#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Entry cache timeout length (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:128
+#: src/config/SSSDConfig/__init__.py.in:129
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Override GID value from the identity provider with this value"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Treat usernames as case sensitive"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "How often should expired entries be refreshed in background"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:142
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:143
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:143
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "How often to periodically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Whether the nsupdate utility should default to using TCP"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Control enumeration of trusted domains"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "How often should subdomains list be refreshed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:151
+msgid "List of options that should be inherited into a subdomain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "IPA server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "IPA client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:162
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:163
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:168
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Search base for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Objectclass for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Attribute with the name of the view"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Objectclass for override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Attribute with the reference to the original object"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Objectclass for user override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Objectclass for group override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:182
-#: src/config/SSSDConfig/__init__.py.in:357
+#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:360
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Whether to use the Global Catalog for lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Operation mode for GPO-based access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:187
msgid ""
"The amount of time between lookups of the GPO policy files against the AD "
"server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:188
msgid ""
"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy "
"settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid ""
"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight "
"policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid ""
"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid ""
"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid ""
"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "PAM service names for which GPO-based access is always granted"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "PAM service names for which GPO-based access is always denied"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid ""
"Default logon right (or permit/deny) to use for unmapped PAM service names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "a particular site to be used by the client"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Kerberos server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "Kerberos realm"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "Whether to create kdcinfo files"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Where to drop krb5 config snippets"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Enables enterprise principals"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:220
-#: src/config/SSSDConfig/__init__.py.in:221
-msgid "Server where the change password service is running if not on the KDC"
+msgid "A mapping from user names to kerberos principal names"
msgstr ""
+#: src/config/SSSDConfig/__init__.py.in:223
#: src/config/SSSDConfig/__init__.py.in:224
+msgid "Server where the change password service is running if not on the KDC"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:227
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:237
+#: src/config/SSSDConfig/__init__.py.in:240
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "Require TLS certificate verification"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "Disable the LDAP paging control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Disable Active Directory range retrieval"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "UID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "GECOS attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Shell attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:282
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Full Name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:299
+#: src/config/SSSDConfig/__init__.py.in:302
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "A list of extra attributes to download along with the user entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:310
+#: src/config/SSSDConfig/__init__.py.in:313
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Type of the group and other flags"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:344
+#: src/config/SSSDConfig/__init__.py.in:347
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Whether to use Token-Groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Set lower boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Set upper boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "DN for ppolicy queries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:364
+#: src/config/SSSDConfig/__init__.py.in:367
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:365
+#: src/config/SSSDConfig/__init__.py.in:368
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:368
+#: src/config/SSSDConfig/__init__.py.in:371
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:369
+#: src/config/SSSDConfig/__init__.py.in:372
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:370
+#: src/config/SSSDConfig/__init__.py.in:373
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:371
+#: src/config/SSSDConfig/__init__.py.in:374
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:372
+#: src/config/SSSDConfig/__init__.py.in:375
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:373
+#: src/config/SSSDConfig/__init__.py.in:376
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:374
+#: src/config/SSSDConfig/__init__.py.in:377
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:375
+#: src/config/SSSDConfig/__init__.py.in:378
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:376
+#: src/config/SSSDConfig/__init__.py.in:379
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:377
+#: src/config/SSSDConfig/__init__.py.in:380
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:378
+#: src/config/SSSDConfig/__init__.py.in:381
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:379
+#: src/config/SSSDConfig/__init__.py.in:382
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:380
+#: src/config/SSSDConfig/__init__.py.in:383
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:381
+#: src/config/SSSDConfig/__init__.py.in:384
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:382
+#: src/config/SSSDConfig/__init__.py.in:385
msgid "Sudo rule runas attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:383
+#: src/config/SSSDConfig/__init__.py.in:386
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:384
+#: src/config/SSSDConfig/__init__.py.in:387
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:385
+#: src/config/SSSDConfig/__init__.py.in:388
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:386
+#: src/config/SSSDConfig/__init__.py.in:389
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:387
+#: src/config/SSSDConfig/__init__.py.in:390
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:390
+#: src/config/SSSDConfig/__init__.py.in:393
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:391
+#: src/config/SSSDConfig/__init__.py.in:394
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:392
+#: src/config/SSSDConfig/__init__.py.in:395
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:393
+#: src/config/SSSDConfig/__init__.py.in:396
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:394
+#: src/config/SSSDConfig/__init__.py.in:397
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:395
+#: src/config/SSSDConfig/__init__.py.in:398
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:398
+#: src/config/SSSDConfig/__init__.py.in:401
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:399
+#: src/config/SSSDConfig/__init__.py.in:402
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:402
+#: src/config/SSSDConfig/__init__.py.in:405
msgid "Default shell, /bin/bash"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:403
+#: src/config/SSSDConfig/__init__.py.in:406
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:406
+#: src/config/SSSDConfig/__init__.py.in:409
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:407
+#: src/config/SSSDConfig/__init__.py.in:410
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:410
+#: src/config/SSSDConfig/__init__.py.in:413
msgid "PAM stack to use"
msgstr ""
@@ -1231,26 +1243,26 @@ msgstr ""
msgid "Print version number and exit"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:589
+#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:609
#: src/util/util.h:108
msgid "Debug level"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:591
+#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:611
#: src/util/util.h:114
msgid "Add debug timestamps"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:593
+#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:613
#: src/util/util.h:116
msgid "Show timestamps with microseconds"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:595
+#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:615
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:597
+#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:617
#: src/util/util.h:112
msgid "Send the debug output to stderr directly."
msgstr ""
@@ -1263,99 +1275,104 @@ msgstr ""
msgid "The group to create FAST ccache as"
msgstr ""
-#: src/providers/data_provider_be.c:2833
+#: src/providers/data_provider_be.c:2834
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:969
+#: src/sss_client/common.c:971
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:972
+#: src/sss_client/common.c:974
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:975
+#: src/sss_client/common.c:977
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:978
+#: src/sss_client/common.c:980
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:983
+#: src/sss_client/common.c:985
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:989
+#: src/sss_client/common.c:991
msgid "Unexpected error while looking for an error description"
msgstr ""
-#: src/sss_client/pam_sss.c:398
+#: src/sss_client/pam_sss.c:63
+msgid "Permission denied. "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:64 src/sss_client/pam_sss.c:883
+#: src/sss_client/pam_sss.c:894
+msgid "Server message: "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:401
msgid "Passwords do not match"
msgstr ""
-#: src/sss_client/pam_sss.c:586
+#: src/sss_client/pam_sss.c:589
msgid "Password reset by root is not supported."
msgstr ""
-#: src/sss_client/pam_sss.c:627
+#: src/sss_client/pam_sss.c:630
msgid "Authenticated with cached credentials"
msgstr ""
-#: src/sss_client/pam_sss.c:628
+#: src/sss_client/pam_sss.c:631
msgid ", your cached password will expire at: "
msgstr ""
-#: src/sss_client/pam_sss.c:658
+#: src/sss_client/pam_sss.c:661
#, c-format
msgid "Your password has expired. You have %1$d grace login(s) remaining."
msgstr ""
-#: src/sss_client/pam_sss.c:704
+#: src/sss_client/pam_sss.c:707
#, c-format
msgid "Your password will expire in %1$d %2$s."
msgstr ""
-#: src/sss_client/pam_sss.c:753
+#: src/sss_client/pam_sss.c:756
msgid "Authentication is denied until: "
msgstr ""
-#: src/sss_client/pam_sss.c:774
+#: src/sss_client/pam_sss.c:777
msgid "System is offline, password change not possible"
msgstr ""
-#: src/sss_client/pam_sss.c:789
+#: src/sss_client/pam_sss.c:792
msgid ""
"After changing the OTP password, you need to log out and back in order to "
"acquire a ticket"
msgstr ""
-#: src/sss_client/pam_sss.c:820 src/sss_client/pam_sss.c:833
+#: src/sss_client/pam_sss.c:880 src/sss_client/pam_sss.c:893
msgid "Password change failed. "
msgstr ""
-#: src/sss_client/pam_sss.c:823 src/sss_client/pam_sss.c:834
-msgid "Server message: "
-msgstr ""
-
-#: src/sss_client/pam_sss.c:1274
+#: src/sss_client/pam_sss.c:1336
msgid "New Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1275
+#: src/sss_client/pam_sss.c:1337
msgid "Reenter new Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1374
+#: src/sss_client/pam_sss.c:1436
msgid "Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1406
+#: src/sss_client/pam_sss.c:1468
msgid "Current Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1582
+#: src/sss_client/pam_sss.c:1644
msgid "Password expired. Change your password now."
msgstr ""
diff --git a/po/sv.po b/po/sv.po
index 42c3342eb..a1a1256e2 100644
--- a/po/sv.po
+++ b/po/sv.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2015-02-18 16:53+0100\n"
+"POT-Creation-Date: 2015-06-12 10:37+0200\n"
"PO-Revision-Date: 2014-06-07 05:40-0400\n"
"Last-Translator: Göran Uddeborg <goeran@uddeborg.se>\n"
"Language-Team: Swedish (http://www.transifex.com/projects/p/sssd/language/"
@@ -18,7 +18,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#: src/config/SSSDConfig/__init__.py.in:43
msgid "Set the verbosity of the debug logging"
@@ -108,7 +108,7 @@ msgid "Entry cache background update timeout length (seconds)"
msgstr "Tidsgränslängd för bakgrundsuppdateringar av postcache (sekunder)"
#: src/config/SSSDConfig/__init__.py.in:67
-#: src/config/SSSDConfig/__init__.py.in:96
+#: src/config/SSSDConfig/__init__.py.in:97
msgid "Negative cache timeout length (seconds)"
msgstr "Tidsgränslängd för negativ cache (sekunder)"
@@ -208,16 +208,20 @@ msgstr ""
msgid "List of domains accessible even for untrusted users."
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:93
+#: src/config/SSSDConfig/__init__.py.in:91
+msgid "Message printed when user account is expired."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:94
msgid "Whether to evaluate the time-based attributes in sudo rules"
msgstr "Om tidsbaserade attribut i sudo-regler skall beräknas"
-#: src/config/SSSDConfig/__init__.py.in:99
+#: src/config/SSSDConfig/__init__.py.in:100
msgid "Whether to hash host names and addresses in the known_hosts file"
msgstr ""
"Om värdnamn och adresser i known_hosts-filen skall göras till kontrollsummor"
-#: src/config/SSSDConfig/__init__.py.in:100
+#: src/config/SSSDConfig/__init__.py.in:101
msgid ""
"How many seconds to keep a host in the known_hosts file after its host keys "
"were requested"
@@ -225,524 +229,532 @@ msgstr ""
"Hur många sekunder att behålla en värd i filen known_hosts efter att dess "
"värdnycklar begärdes"
-#: src/config/SSSDConfig/__init__.py.in:103
+#: src/config/SSSDConfig/__init__.py.in:104
msgid "List of UIDs or user names allowed to access the PAC responder"
msgstr "Lista över UID:er eller användarnamn som tillåts komma åt PAC-svararen"
-#: src/config/SSSDConfig/__init__.py.in:106
+#: src/config/SSSDConfig/__init__.py.in:107
msgid "List of UIDs or user names allowed to access the InfoPipe responder"
msgstr ""
"Lista över UID:er eller användarnamn som tillåts komma åt InfoPipe-svararen"
-#: src/config/SSSDConfig/__init__.py.in:107
+#: src/config/SSSDConfig/__init__.py.in:108
msgid "List of user attributes the InfoPipe is allowed to publish"
msgstr "Lista över aänvändarattribut InfoPipe får publicera"
-#: src/config/SSSDConfig/__init__.py.in:110
+#: src/config/SSSDConfig/__init__.py.in:111
msgid "Identity provider"
msgstr "Identifiera leverantör"
-#: src/config/SSSDConfig/__init__.py.in:111
+#: src/config/SSSDConfig/__init__.py.in:112
msgid "Authentication provider"
msgstr "Autentiseringsleverantör"
-#: src/config/SSSDConfig/__init__.py.in:112
+#: src/config/SSSDConfig/__init__.py.in:113
msgid "Access control provider"
msgstr "Leverantör av åtkomstkontroll"
-#: src/config/SSSDConfig/__init__.py.in:113
+#: src/config/SSSDConfig/__init__.py.in:114
msgid "Password change provider"
msgstr "Leverantör av lösenordsändringar"
-#: src/config/SSSDConfig/__init__.py.in:114
+#: src/config/SSSDConfig/__init__.py.in:115
msgid "SUDO provider"
msgstr "SUDO-leverantör"
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid "Autofs provider"
msgstr "Autofs-leverantör"
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "Session-loading provider"
msgstr "Sessionsinläsningsleverantör"
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "Host identity provider"
msgstr "Värdidentiftetsleverantör"
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Minimum user ID"
msgstr "Minsta användar-ID"
-#: src/config/SSSDConfig/__init__.py.in:121
+#: src/config/SSSDConfig/__init__.py.in:122
msgid "Maximum user ID"
msgstr "Största användar-ID"
-#: src/config/SSSDConfig/__init__.py.in:122
+#: src/config/SSSDConfig/__init__.py.in:123
msgid "Enable enumerating all users/groups"
msgstr "Aktivera uppräkning av alla användare/grupper"
-#: src/config/SSSDConfig/__init__.py.in:123
+#: src/config/SSSDConfig/__init__.py.in:124
msgid "Cache credentials for offline login"
msgstr "Cache-kreditiv för frånkopplad inloggning"
-#: src/config/SSSDConfig/__init__.py.in:124
+#: src/config/SSSDConfig/__init__.py.in:125
msgid "Store password hashes"
msgstr "Lagra lösenords-kontrollsummor"
-#: src/config/SSSDConfig/__init__.py.in:125
+#: src/config/SSSDConfig/__init__.py.in:126
msgid "Display users/groups in fully-qualified form"
msgstr "Visa användare/grupper i fullständigt kvalificerat format"
-#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Don't include group members in group lookups"
msgstr "Inkludera inte gruppmedlemmar i gruppuppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:127
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:128
#: src/config/SSSDConfig/__init__.py.in:135
#: src/config/SSSDConfig/__init__.py.in:136
#: src/config/SSSDConfig/__init__.py.in:137
#: src/config/SSSDConfig/__init__.py.in:138
#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Entry cache timeout length (seconds)"
msgstr "Tidsgränslängd för postcache (sekunder)"
-#: src/config/SSSDConfig/__init__.py.in:128
+#: src/config/SSSDConfig/__init__.py.in:129
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr "Begränsa eller föredra en specifik adressfamilj vid DNS-uppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
"Hur länge cachade poster skall behållas efter senaste lyckade inloggning "
"(dagar)"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr "Hur länge man väntar på svar från DNS när servrar slås upp (sekunder)"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "The domain part of service discovery DNS query"
msgstr "Domändelen av DNS-frågan för tjänstedetektering"
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Override GID value from the identity provider with this value"
msgstr "Åsidosätt GID-värdet från identitetsleverantören med detta värde"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Treat usernames as case sensitive"
msgstr "Behandla användarnamn som skiftlägeskänsliga"
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "How often should expired entries be refreshed in background"
msgstr "Hur ofta utgångna poster skall förnyas i bakgrunden"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry"
msgstr "Huruvida klienternas DNS-poster uppdateras automatiskt"
-#: src/config/SSSDConfig/__init__.py.in:142
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:143
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr "TTL:en att använda för klientens DNS-post efter att ha uppdaterat den"
-#: src/config/SSSDConfig/__init__.py.in:143
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr "Gränssnittet var IP skall användas för dynamiska DNS-uppdateringar"
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "How often to periodically update the client's DNS entry"
msgstr "Hur ofta klienternas DNS-poster periodiskt skall uppdateras"
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr "Huruvida leverantören explicit skall uppdatera PTR-posten också"
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Whether the nsupdate utility should default to using TCP"
msgstr "Huruvida verktyget nsupdate skall använda TCP som standard"
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
"Vilken sorts autenticering som skall användas för att utföra DNS-"
"uppdateringen"
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Control enumeration of trusted domains"
msgstr "Styr uppräkning av betrodda domäner"
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "How often should subdomains list be refreshed"
msgstr "Hur ofta skall listan över underdomäner uppdateras"
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:151
+msgid "List of options that should be inherited into a subdomain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "IPA domain"
msgstr "IPA-domän"
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "IPA server address"
msgstr "IPA-serveradress"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Address of backup IPA server"
msgstr "Adress till reserv-IPA-server"
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "IPA client hostname"
msgstr "IPA-klienvärdnamn"
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr "Om klientens DNS-post i FreeIPA automatiskt skall uppdateras"
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Search base for HBAC related objects"
msgstr "Sökbas för HBAC-relaterade objekt"
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:162
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr "Tidsåtgången mellan uppslagningar av HBAC-reglerna mot IPA-servern"
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:163
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
"Tiden i sekunder mellan uppslagningar av SELinux-mappningar mot IPA-servern"
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr "Om det finns DENY-regler, antingen DENY_ALL eller IGNORE"
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "If set to false, host argument given by PAM will be ignored"
msgstr "Om satt till falskt kommer värdargument givna av PAM ignoreras"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "The automounter location this IPA client is using"
msgstr "Platsen för automatmonteraren denna IPA-klient använder"
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Search base for object containing info about IPA domain"
msgstr "Sökbas för objekt som innehåller information om IPA-domänen"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Search base for objects containing info about ID ranges"
msgstr "Sökbas för objekt som innehåller information om ID-intervall"
-#: src/config/SSSDConfig/__init__.py.in:167
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "Enable DNS sites - location based service discovery"
msgstr "Aktivera DNS-sajter - platsbaserad detektering av tjänster"
-#: src/config/SSSDConfig/__init__.py.in:168
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Search base for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Objectclass for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Attribute with the name of the view"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Objectclass for override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Attribute with the reference to the original object"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Objectclass for user override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Objectclass for group override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Active Directory domain"
msgstr "Active Directory-domän"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Active Directory server address"
msgstr "Adress till Active Directory-server"
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Active Directory backup server address"
msgstr "Adress till Active Directory-reservserver"
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Active Directory client hostname"
msgstr "Active Directory-klienvärdnamn"
-#: src/config/SSSDConfig/__init__.py.in:182
-#: src/config/SSSDConfig/__init__.py.in:357
+#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:360
msgid "LDAP filter to determine access privileges"
msgstr "LDAP-filter för att bestämma åtkomstprivilegier"
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Whether to use the Global Catalog for lookups"
msgstr "Huruvida den globala katalogen skall användas för uppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Operation mode for GPO-based access control"
msgstr "Arbetsläge för GPO-baserad åtkomstkontrol"
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:187
msgid ""
"The amount of time between lookups of the GPO policy files against the AD "
"server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:188
msgid ""
"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy "
"settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid ""
"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight "
"policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid ""
"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid ""
"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid ""
"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "PAM service names for which GPO-based access is always granted"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "PAM service names for which GPO-based access is always denied"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid ""
"Default logon right (or permit/deny) to use for unmapped PAM service names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "a particular site to be used by the client"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Kerberos server address"
msgstr "Adress till server för Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Kerberos backup server address"
msgstr "Adress till reservserver för Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "Kerberos realm"
msgstr "Kerberosrike"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Authentication timeout"
msgstr "Autentiseringstidsgräns"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "Whether to create kdcinfo files"
msgstr "Huruvida kdcinfo-filer skall skapas"
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Where to drop krb5 config snippets"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Directory to store credential caches"
msgstr "Katalog att lagra kreditiv-cachar i"
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Location of the user's credential cache"
msgstr "Plats för användarens kreditiv-cache"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Location of the keytab to validate credentials"
msgstr "Plats för nyckeltabellen för att validera kreditiv"
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Enable credential validation"
msgstr "Aktivera validering av kreditiv"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Store password if offline for later online authentication"
msgstr "Lagra lösenord när ej ansluten för ansluten autentisering senare"
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Renewable lifetime of the TGT"
msgstr "Förnybar livstid för TGT:n"
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "Lifetime of the TGT"
msgstr "Livstid för TGT:n"
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Time between two checks for renewal"
msgstr "Tid mellan två kontroller av förnyelse"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Enables FAST"
msgstr "Aktiverar FAST"
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Selects the principal to use for FAST"
msgstr "Väljer huvudman att använda för FAST"
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Enables principal canonicalization"
msgstr "Aktivera kanonsisk form av huvudman"
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Enables enterprise principals"
msgstr "Aktiverar företagshuvudmän"
#: src/config/SSSDConfig/__init__.py.in:220
-#: src/config/SSSDConfig/__init__.py.in:221
+msgid "A mapping from user names to kerberos principal names"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Server where the change password service is running if not on the KDC"
msgstr "Server där ändringstjänsten för lösenord kör om inte på KDC:n"
-#: src/config/SSSDConfig/__init__.py.in:224
+#: src/config/SSSDConfig/__init__.py.in:227
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, URI:n för LDAP-servern"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr "ldap_backup_uri, URI:n för LDAP-servern"
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "The default base DN"
msgstr "Standard bas-DN"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Schematypen som används i LDAP-servern, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "The default bind DN"
msgstr "Standard bindnings-DN"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "The type of the authentication token of the default bind DN"
msgstr "Typen på autenticerings-token för standard bindnings-DN"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "The authentication token of the default bind DN"
msgstr "Autenticerings-token för standard bindnings-DN"
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Length of time to attempt connection"
msgstr "Tidslängd att försöka ansluta"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Tidslängd att försök synkrona LDAP-operationer"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Length of time between attempts to reconnect while offline"
msgstr "Tidslängd mellan försök att återansluta vid frånkoppling"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Use only the upper case for realm names"
msgstr "Använd endast versaler för namn på riken"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "File that contains CA certificates"
msgstr "Fil som innehåller CA-certifikat"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Path to CA certificate directory"
msgstr "Sökväg till katalogen med CA-certifikat"
-#: src/config/SSSDConfig/__init__.py.in:237
+#: src/config/SSSDConfig/__init__.py.in:240
msgid "File that contains the client certificate"
msgstr "Fil som innehåller klientcertifikatet"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "File that contains the client key"
msgstr "Fil som innehåller klientnyckeln"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "List of possible ciphers suites"
msgstr "Lista över möjliga chiffersviter"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "Require TLS certificate verification"
msgstr "Kräv TLS-certifikatverifiering"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Specify the sasl mechanism to use"
msgstr "Ange sasl-mekanismen att använda"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Specify the sasl authorization id to use"
msgstr "Ange sasl-auktorisering-id att använda"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "Specify the sasl authorization realm to use"
msgstr "Ange sasl-auktoriseringsrike att använda"
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr "Ange minsta SSF för LDAP-sasl-auktorisering"
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Kerberos service keytab"
msgstr "Kerberostjänstens nyckeltabell"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Use Kerberos auth for LDAP connection"
msgstr "Avnänd Kerberosautenticering för LDAP-anslutning"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Follow LDAP referrals"
msgstr "Följer LDAP-hänvisningar"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "Lifetime of TGT for LDAP connection"
msgstr "Livslängd på TGT för LDAP-anslutning"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "How to dereference aliases"
msgstr "Hur alias skall derefereras"
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "Service name for DNS service lookups"
msgstr "Tjänstenamn för uppslagning av DNS-tjänster"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "The number of records to retrieve in a single LDAP query"
msgstr "Antalet poster som skall hämtas i en enda LDAP-fråga"
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
"Antalet medlemmar som måste saknas för att orsaka en fullständig dereferering"
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
@@ -750,359 +762,359 @@ msgstr ""
"Huruvida LDAP-biblioteket skall utföra en omvänd uppslagning för att ta fram "
"värdnamnets kanoniska form under en SASL-bindning"
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "entryUSN attribute"
msgstr "entryUSN-attribut"
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "lastUSN attribute"
msgstr "lastUSN-attribut"
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
"Hur länge en anslutning till LDAP-servern skall behållas före den kopplas ner"
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "Disable the LDAP paging control"
msgstr "Avaktivera flödesstyrningen (paging) av LDAP"
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Disable Active Directory range retrieval"
msgstr "Avaktivera Active Directorys intervallhämtande"
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "Length of time to wait for a search request"
msgstr "Tidslängd att vänta på en sökbegäran"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Length of time to wait for a enumeration request"
msgstr "Tidslängd att vänta på en uppräkningsbegäran"
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Length of time between enumeration updates"
msgstr "Tidslängd mellan uppräkningsuppdateringar"
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "Length of time between cache cleanups"
msgstr "Tidslängd mellan cache-tömningar"
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Require TLS for ID lookups"
msgstr "Kräv TLS för ID-uppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr "Använd ID-översättning av objectSID istället för pre-set ID:n"
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Base DN for user lookups"
msgstr "Bas-DN för användaruppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Scope of user lookups"
msgstr "Omfång av användaruppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Filter for user lookups"
msgstr "Filter för användaruppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for users"
msgstr "Objektklass för användare"
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Username attribute"
msgstr "Användarnamnsattribut"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "UID attribute"
msgstr "UID-attribut"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Primary GID attribute"
msgstr "Primärt GID-attribut"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "GECOS attribute"
msgstr "GECOS-attribut"
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Home directory attribute"
msgstr "Hemkatalogattribut"
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Shell attribute"
msgstr "Skalattribut"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
#, fuzzy
msgid "UUID attribute"
msgstr "UID-attribut"
-#: src/config/SSSDConfig/__init__.py.in:282
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "objectSID attribute"
msgstr "objectSID-attribut"
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Active Directory primary group attribute for ID-mapping"
msgstr "Primärt gruppattribut i Active Directory för ID-mappning"
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "User principal attribute (for Kerberos)"
msgstr "Användarens huvudmansattribut (för Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Full Name"
msgstr "Fullständigt namn"
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "memberOf attribute"
msgstr "medlemAv-attribut"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Modification time attribute"
msgstr "Modifieringstidsattribut"
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "shadowLastChange attribute"
msgstr "attributet shadowLastChange"
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "shadowMin attribute"
msgstr "shadowMin-attribut"
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "shadowMax attribute"
msgstr "shadowMax-attribut"
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "shadowWarning attribute"
msgstr "shadowWarning-attribut"
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "shadowInactive attribute"
msgstr "shadowInactive-attribut"
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "shadowExpire attribute"
msgstr "shadowExpire-attribut"
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "shadowFlag attribute"
msgstr "shadowFlag-attribut"
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Attribute listing authorized PAM services"
msgstr "Attribut för listning av auktoriserade PAM-tjänster"
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Attribute listing authorized server hosts"
msgstr "Attribut för listning av auktoriserade servervärdar"
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "krbLastPwdChange attribute"
msgstr "attributet krbLastPwdChange"
-#: src/config/SSSDConfig/__init__.py.in:299
+#: src/config/SSSDConfig/__init__.py.in:302
msgid "krbPasswordExpiration attribute"
msgstr "krbPasswordExpiration-attribut"
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Attribute indicating that server side password policies are active"
msgstr "Attribut som indikerar att serversidans lösenordspolicyer är aktiva"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "accountExpires attribute of AD"
msgstr "AD:s attribut accountExpires"
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "userAccountControl attribute of AD"
msgstr "AD:s attribut userAccountControl"
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "nsAccountLock attribute"
msgstr "attributet nsAccountLock"
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "loginDisabled attribute of NDS"
msgstr "NDS attribut loginDisabled"
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "loginExpirationTime attribute of NDS"
msgstr "NDS attribut loginExpirationTime"
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "loginAllowedTimeMap attribute of NDS"
msgstr "NDS attribut loginAllowedTimeMap"
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "SSH public key attribute"
msgstr "Attribut för publik SSH-nyckel"
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "A list of extra attributes to download along with the user entry"
msgstr "En lista över extra attribut att hämta tillsammans med användarposten"
-#: src/config/SSSDConfig/__init__.py.in:310
+#: src/config/SSSDConfig/__init__.py.in:313
msgid "Base DN for group lookups"
msgstr "Bas-DN för gruppuppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Objectclass for groups"
msgstr "Objektklass för grupper"
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Group name"
msgstr "Gruppnamn"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Group password"
msgstr "Grupplösenord"
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "GID attribute"
msgstr "GID-attribut"
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "Group member attribute"
msgstr "Gruppmedlemsattribut"
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
#, fuzzy
msgid "Group UUID attribute"
msgstr "UID-attribut"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Modification time attribute for groups"
msgstr "Modifieringstidsattribut för grupper"
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Type of the group and other flags"
msgstr "Typen av grupp och andra flaggor"
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Maximum nesting level SSSd will follow"
msgstr "Maximal nästningsnivå SSSd kommer följa"
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for netgroup lookups"
msgstr "Bas-DN för nätgruppuppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Objectclass for netgroups"
msgstr "Objektklass för nätgrupper"
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Netgroup name"
msgstr "Nätgruppnamn"
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Netgroups members attribute"
msgstr "Attribut på nätgruppmedlemmar"
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Netgroup triple attribute"
msgstr "Attribut på nätgruppstripplar"
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Modification time attribute for netgroups"
msgstr "Modifieringstidsattribut för nätgrupper"
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid "Base DN for service lookups"
msgstr "Bas-DN för tjänsteuppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Objectclass for services"
msgstr "Objektklass för tjänster"
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Service name attribute"
msgstr "Tjänstenamnsattribut"
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Service port attribute"
msgstr "Tjänsteportsattribut"
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Service protocol attribute"
msgstr "Tjänsteprotokollsattribut"
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Lower bound for ID-mapping"
msgstr "Undre gräns för ID-mappning"
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Upper bound for ID-mapping"
msgstr "Övre gräns för ID-mappning"
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Number of IDs for each slice when ID-mapping"
msgstr "Antal ID:n till varje skiva vid ID-mappning"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr "Använd en autorid-kompatibel algoritm för ID-mappning"
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Name of the default domain for ID-mapping"
msgstr "Standarddomänens namn för ID-mappning"
-#: src/config/SSSDConfig/__init__.py.in:344
+#: src/config/SSSDConfig/__init__.py.in:347
msgid "SID of the default domain for ID-mapping"
msgstr "Standarddomänens SID för ID-mappning"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr "Använd LDAP_MATCHING_RULE_IN_CHAIN för gruppuppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr "Använd LDAP_MATCHING_RULE_IN_CHAIN för init-gruppuppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Whether to use Token-Groups"
msgstr "Huruvida Token-Groups skall användas"
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Set lower boundary for allowed IDs from the LDAP server"
msgstr "Sätt undre gräns för tillåtna ID:n från LDAP-servern"
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Set upper boundary for allowed IDs from the LDAP server"
msgstr "Sätt övre gräns för tillåtna ID:n från LDAP-servern"
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "DN for ppolicy queries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Policy to evaluate the password expiration"
msgstr "Policy för att utvärdera utgång av lösenord"
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr "Vilka attribut skall användas för att avgöra om ett konto gått ut"
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Which rules should be used to evaluate access control"
msgstr "Vilka regler skall användas för att avgöra åtkomstkontroll"
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "URI of an LDAP server where password changes are allowed"
msgstr "URI till en LDAP-server där lösenordsändringar är tillåtna"
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr "URI till en reserv-LDAP-server där lösenordsändringar är tillåtna"
-#: src/config/SSSDConfig/__init__.py.in:364
+#: src/config/SSSDConfig/__init__.py.in:367
msgid "DNS service name for LDAP password change server"
msgstr "DNS-tjänstenamn för LDAP-lösenordsändringsservern"
-#: src/config/SSSDConfig/__init__.py.in:365
+#: src/config/SSSDConfig/__init__.py.in:368
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
@@ -1110,24 +1122,24 @@ msgstr ""
"Huruvida attributet ldap_user_shadow_last_change skall uppdateras efter en "
"ändring av lösenord"
-#: src/config/SSSDConfig/__init__.py.in:368
+#: src/config/SSSDConfig/__init__.py.in:371
msgid "Base DN for sudo rules lookups"
msgstr "Bas-DN för regeluppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:369
+#: src/config/SSSDConfig/__init__.py.in:372
msgid "Automatic full refresh period"
msgstr "Intervall mellan automatisk fullständig omläsning"
-#: src/config/SSSDConfig/__init__.py.in:370
+#: src/config/SSSDConfig/__init__.py.in:373
msgid "Automatic smart refresh period"
msgstr "Intervall mellan automatisk smart omläsning"
-#: src/config/SSSDConfig/__init__.py.in:371
+#: src/config/SSSDConfig/__init__.py.in:374
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
"Huruvida regler skall filtreras efter värdnamn, IP-adresser och nätverk"
-#: src/config/SSSDConfig/__init__.py.in:372
+#: src/config/SSSDConfig/__init__.py.in:375
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
@@ -1135,121 +1147,121 @@ msgstr ""
"Värdnamn och/eller fullständigt kvalificerade domännamn på denna maskin för "
"att filtrera sudo-regler"
-#: src/config/SSSDConfig/__init__.py.in:373
+#: src/config/SSSDConfig/__init__.py.in:376
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
"IPv4- eller IPv6-adresser eller -nätverk för denna maskin för att filtrera "
"sudo-regler"
-#: src/config/SSSDConfig/__init__.py.in:374
+#: src/config/SSSDConfig/__init__.py.in:377
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
"Huruvida regler som innehåller nätgrupper i värdattribut skall inkluderas"
-#: src/config/SSSDConfig/__init__.py.in:375
+#: src/config/SSSDConfig/__init__.py.in:378
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
"Huruvida regler som innehåller reguljära uttryck i värdattribut skall "
"inkluderas"
-#: src/config/SSSDConfig/__init__.py.in:376
+#: src/config/SSSDConfig/__init__.py.in:379
msgid "Object class for sudo rules"
msgstr "Objektklass för sudo-regler"
-#: src/config/SSSDConfig/__init__.py.in:377
+#: src/config/SSSDConfig/__init__.py.in:380
msgid "Sudo rule name"
msgstr "Sudo-regelnamn"
-#: src/config/SSSDConfig/__init__.py.in:378
+#: src/config/SSSDConfig/__init__.py.in:381
msgid "Sudo rule command attribute"
msgstr "Attribut för sudo-regelkommandon"
-#: src/config/SSSDConfig/__init__.py.in:379
+#: src/config/SSSDConfig/__init__.py.in:382
msgid "Sudo rule host attribute"
msgstr "Attribut för sudo-regelvärd"
-#: src/config/SSSDConfig/__init__.py.in:380
+#: src/config/SSSDConfig/__init__.py.in:383
msgid "Sudo rule user attribute"
msgstr "Attribut för sudo-regelanvändare"
-#: src/config/SSSDConfig/__init__.py.in:381
+#: src/config/SSSDConfig/__init__.py.in:384
msgid "Sudo rule option attribute"
msgstr "Attribut för sudo-regelflaggor"
-#: src/config/SSSDConfig/__init__.py.in:382
+#: src/config/SSSDConfig/__init__.py.in:385
msgid "Sudo rule runas attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:383
+#: src/config/SSSDConfig/__init__.py.in:386
msgid "Sudo rule runasuser attribute"
msgstr "Attribut för sudo-runasuser"
-#: src/config/SSSDConfig/__init__.py.in:384
+#: src/config/SSSDConfig/__init__.py.in:387
msgid "Sudo rule runasgroup attribute"
msgstr "Attribut på runasgroup i sudo-regel"
-#: src/config/SSSDConfig/__init__.py.in:385
+#: src/config/SSSDConfig/__init__.py.in:388
msgid "Sudo rule notbefore attribute"
msgstr "Attribut för sudo-notbefore-regler"
-#: src/config/SSSDConfig/__init__.py.in:386
+#: src/config/SSSDConfig/__init__.py.in:389
msgid "Sudo rule notafter attribute"
msgstr "Attribut för sudo-notafter-regler"
-#: src/config/SSSDConfig/__init__.py.in:387
+#: src/config/SSSDConfig/__init__.py.in:390
msgid "Sudo rule order attribute"
msgstr "Attribut för sudo-order-regler"
-#: src/config/SSSDConfig/__init__.py.in:390
+#: src/config/SSSDConfig/__init__.py.in:393
msgid "Object class for automounter maps"
msgstr "Objektklass för automatmonteraravbildningar"
-#: src/config/SSSDConfig/__init__.py.in:391
+#: src/config/SSSDConfig/__init__.py.in:394
msgid "Automounter map name attribute"
msgstr "Attribut för automatmonteraravbildningsnamn"
-#: src/config/SSSDConfig/__init__.py.in:392
+#: src/config/SSSDConfig/__init__.py.in:395
msgid "Object class for automounter map entries"
msgstr "Objektklass för poster i automatmonteraravbildningar"
-#: src/config/SSSDConfig/__init__.py.in:393
+#: src/config/SSSDConfig/__init__.py.in:396
msgid "Automounter map entry key attribute"
msgstr "Attribut för postnycklar i automatmonteraravbildningar"
-#: src/config/SSSDConfig/__init__.py.in:394
+#: src/config/SSSDConfig/__init__.py.in:397
msgid "Automounter map entry value attribute"
msgstr "Attribut på postvärde i avbildning för automatmonteraren"
-#: src/config/SSSDConfig/__init__.py.in:395
+#: src/config/SSSDConfig/__init__.py.in:398
msgid "Base DN for automounter map lookups"
msgstr "Bas-DN för uppslagningar i automatmonteraravbildningar"
-#: src/config/SSSDConfig/__init__.py.in:398
+#: src/config/SSSDConfig/__init__.py.in:401
msgid "Comma separated list of allowed users"
msgstr "Kommaseparerad lista över tillåtna användare"
-#: src/config/SSSDConfig/__init__.py.in:399
+#: src/config/SSSDConfig/__init__.py.in:402
msgid "Comma separated list of prohibited users"
msgstr "Kommaseparerad lista över förbjudna användare"
-#: src/config/SSSDConfig/__init__.py.in:402
+#: src/config/SSSDConfig/__init__.py.in:405
msgid "Default shell, /bin/bash"
msgstr "Standardskal, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:403
+#: src/config/SSSDConfig/__init__.py.in:406
msgid "Base for home directories"
msgstr "Bas för hemkataloger"
-#: src/config/SSSDConfig/__init__.py.in:406
+#: src/config/SSSDConfig/__init__.py.in:409
msgid "The name of the NSS library to use"
msgstr "Namnet på NSS-biblioteket att använda"
-#: src/config/SSSDConfig/__init__.py.in:407
+#: src/config/SSSDConfig/__init__.py.in:410
msgid "Whether to look up canonical group name from cache if possible"
msgstr "Huruvida kanoniska gruppnamn skall slås upp från cachen om möjligt"
-#: src/config/SSSDConfig/__init__.py.in:410
+#: src/config/SSSDConfig/__init__.py.in:413
msgid "PAM stack to use"
msgstr "PAM-stack att använda"
@@ -1269,26 +1281,26 @@ msgstr "Ange en konfigurationsfil annan än standard"
msgid "Print version number and exit"
msgstr "Skriv ut versionsnumret och avsluta"
-#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:589
+#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:609
#: src/util/util.h:108
msgid "Debug level"
msgstr "Felsökningsnivå"
-#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:591
+#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:611
#: src/util/util.h:114
msgid "Add debug timestamps"
msgstr "Lägg till felsökningstidstämplar"
-#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:593
+#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:613
#: src/util/util.h:116
msgid "Show timestamps with microseconds"
msgstr "Visa tidsstämplar med mikrosekunder"
-#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:595
+#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:615
msgid "An open file descriptor for the debug logs"
msgstr "Ett öppet filhandtag för felsökningsloggarna"
-#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:597
+#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:617
#: src/util/util.h:112
msgid "Send the debug output to stderr directly."
msgstr ""
@@ -1301,69 +1313,78 @@ msgstr ""
msgid "The group to create FAST ccache as"
msgstr ""
-#: src/providers/data_provider_be.c:2833
+#: src/providers/data_provider_be.c:2834
msgid "Domain of the information provider (mandatory)"
msgstr "Domän för informationsleverantören (obligatoriskt)"
-#: src/sss_client/common.c:969
+#: src/sss_client/common.c:971
msgid "Privileged socket has wrong ownership or permissions."
msgstr "Priviligierat uttag (socket) har fel ägarskap eller rättigheter."
-#: src/sss_client/common.c:972
+#: src/sss_client/common.c:974
msgid "Public socket has wrong ownership or permissions."
msgstr "Publikt uttag (socket) har fel ägarskap eller rättigheter."
-#: src/sss_client/common.c:975
+#: src/sss_client/common.c:977
msgid "Unexpected format of the server credential message."
msgstr "Oväntat format på serverns kreditivmeddelande."
-#: src/sss_client/common.c:978
+#: src/sss_client/common.c:980
msgid "SSSD is not run by root."
msgstr "SSSD körs inte av root."
-#: src/sss_client/common.c:983
+#: src/sss_client/common.c:985
msgid "An error occurred, but no description can be found."
msgstr "Ett fel uppstod, men ingen beskrivning kan hittas."
-#: src/sss_client/common.c:989
+#: src/sss_client/common.c:991
msgid "Unexpected error while looking for an error description"
msgstr "Oväntat fel vid sökning efter ett felmeddelande"
-#: src/sss_client/pam_sss.c:398
+#: src/sss_client/pam_sss.c:63
+msgid "Permission denied. "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:64 src/sss_client/pam_sss.c:883
+#: src/sss_client/pam_sss.c:894
+msgid "Server message: "
+msgstr "Servermeddelande: "
+
+#: src/sss_client/pam_sss.c:401
msgid "Passwords do not match"
msgstr "Lösenorden stämmer inte överens"
-#: src/sss_client/pam_sss.c:586
+#: src/sss_client/pam_sss.c:589
msgid "Password reset by root is not supported."
msgstr "Återställning av lösenord av root stöds inte."
-#: src/sss_client/pam_sss.c:627
+#: src/sss_client/pam_sss.c:630
msgid "Authenticated with cached credentials"
msgstr "Autentiserad med cachade kreditiv"
-#: src/sss_client/pam_sss.c:628
+#: src/sss_client/pam_sss.c:631
msgid ", your cached password will expire at: "
msgstr ", ditt cache-lösenord kommer gå ut: "
-#: src/sss_client/pam_sss.c:658
+#: src/sss_client/pam_sss.c:661
#, c-format
msgid "Your password has expired. You have %1$d grace login(s) remaining."
msgstr "Ditt lösenord har gått ut. Du har en frist på %1$d inloggningar kvar."
-#: src/sss_client/pam_sss.c:704
+#: src/sss_client/pam_sss.c:707
#, c-format
msgid "Your password will expire in %1$d %2$s."
msgstr "Ditt lösenordet kommer gå ut om %1$d %2$s."
-#: src/sss_client/pam_sss.c:753
+#: src/sss_client/pam_sss.c:756
msgid "Authentication is denied until: "
msgstr "Autentisering nekas till: "
-#: src/sss_client/pam_sss.c:774
+#: src/sss_client/pam_sss.c:777
msgid "System is offline, password change not possible"
msgstr "Systemet är frånkopplat, ändring av lösenord är inte möjligt"
-#: src/sss_client/pam_sss.c:789
+#: src/sss_client/pam_sss.c:792
msgid ""
"After changing the OTP password, you need to log out and back in order to "
"acquire a ticket"
@@ -1371,31 +1392,27 @@ msgstr ""
"Efter att ha ändrat OTP-lösenordet behöver du logga ut och tillbaka in för "
"att få en biljett"
-#: src/sss_client/pam_sss.c:820 src/sss_client/pam_sss.c:833
+#: src/sss_client/pam_sss.c:880 src/sss_client/pam_sss.c:893
msgid "Password change failed. "
msgstr "Lösenordsändringen misslyckades. "
-#: src/sss_client/pam_sss.c:823 src/sss_client/pam_sss.c:834
-msgid "Server message: "
-msgstr "Servermeddelande: "
-
-#: src/sss_client/pam_sss.c:1274
+#: src/sss_client/pam_sss.c:1336
msgid "New Password: "
msgstr "Nytt lösenord: "
-#: src/sss_client/pam_sss.c:1275
+#: src/sss_client/pam_sss.c:1337
msgid "Reenter new Password: "
msgstr "Skriv det nya lösenordet igen: "
-#: src/sss_client/pam_sss.c:1374
+#: src/sss_client/pam_sss.c:1436
msgid "Password: "
msgstr "Lösenord: "
-#: src/sss_client/pam_sss.c:1406
+#: src/sss_client/pam_sss.c:1468
msgid "Current Password: "
msgstr "Nuvarande lösenord: "
-#: src/sss_client/pam_sss.c:1582
+#: src/sss_client/pam_sss.c:1644
msgid "Password expired. Change your password now."
msgstr "Lösenordet har gått ut. Ändra ditt lösenord nu."
diff --git a/po/tg.po b/po/tg.po
index fbf1afc0b..96f03f1fe 100644
--- a/po/tg.po
+++ b/po/tg.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2015-02-18 16:53+0100\n"
+"POT-Creation-Date: 2015-06-12 10:37+0200\n"
"PO-Revision-Date: 2014-06-04 02:04-0400\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Tajik (http://www.transifex.com/projects/p/sssd/language/"
@@ -17,7 +17,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#: src/config/SSSDConfig/__init__.py.in:43
msgid "Set the verbosity of the debug logging"
@@ -103,7 +103,7 @@ msgid "Entry cache background update timeout length (seconds)"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:67
-#: src/config/SSSDConfig/__init__.py.in:96
+#: src/config/SSSDConfig/__init__.py.in:97
msgid "Negative cache timeout length (seconds)"
msgstr ""
@@ -197,1025 +197,1037 @@ msgstr ""
msgid "List of domains accessible even for untrusted users."
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:93
+#: src/config/SSSDConfig/__init__.py.in:91
+msgid "Message printed when user account is expired."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:94
msgid "Whether to evaluate the time-based attributes in sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:99
+#: src/config/SSSDConfig/__init__.py.in:100
msgid "Whether to hash host names and addresses in the known_hosts file"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:100
+#: src/config/SSSDConfig/__init__.py.in:101
msgid ""
"How many seconds to keep a host in the known_hosts file after its host keys "
"were requested"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:103
+#: src/config/SSSDConfig/__init__.py.in:104
msgid "List of UIDs or user names allowed to access the PAC responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:106
+#: src/config/SSSDConfig/__init__.py.in:107
msgid "List of UIDs or user names allowed to access the InfoPipe responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:107
+#: src/config/SSSDConfig/__init__.py.in:108
msgid "List of user attributes the InfoPipe is allowed to publish"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:110
+#: src/config/SSSDConfig/__init__.py.in:111
msgid "Identity provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:111
+#: src/config/SSSDConfig/__init__.py.in:112
msgid "Authentication provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:112
+#: src/config/SSSDConfig/__init__.py.in:113
msgid "Access control provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:113
+#: src/config/SSSDConfig/__init__.py.in:114
msgid "Password change provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:114
+#: src/config/SSSDConfig/__init__.py.in:115
msgid "SUDO provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid "Autofs provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "Session-loading provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "Host identity provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Minimum user ID"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:121
+#: src/config/SSSDConfig/__init__.py.in:122
msgid "Maximum user ID"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:122
+#: src/config/SSSDConfig/__init__.py.in:123
msgid "Enable enumerating all users/groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:123
+#: src/config/SSSDConfig/__init__.py.in:124
msgid "Cache credentials for offline login"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:124
+#: src/config/SSSDConfig/__init__.py.in:125
msgid "Store password hashes"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:125
+#: src/config/SSSDConfig/__init__.py.in:126
msgid "Display users/groups in fully-qualified form"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Don't include group members in group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:127
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:128
#: src/config/SSSDConfig/__init__.py.in:135
#: src/config/SSSDConfig/__init__.py.in:136
#: src/config/SSSDConfig/__init__.py.in:137
#: src/config/SSSDConfig/__init__.py.in:138
#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Entry cache timeout length (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:128
+#: src/config/SSSDConfig/__init__.py.in:129
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Override GID value from the identity provider with this value"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Treat usernames as case sensitive"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "How often should expired entries be refreshed in background"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:142
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:143
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:143
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "How often to periodically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Whether the nsupdate utility should default to using TCP"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Control enumeration of trusted domains"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "How often should subdomains list be refreshed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:151
+msgid "List of options that should be inherited into a subdomain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "IPA server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "IPA client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:162
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:163
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:168
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Search base for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Objectclass for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Attribute with the name of the view"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Objectclass for override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Attribute with the reference to the original object"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Objectclass for user override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Objectclass for group override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:182
-#: src/config/SSSDConfig/__init__.py.in:357
+#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:360
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Whether to use the Global Catalog for lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Operation mode for GPO-based access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:187
msgid ""
"The amount of time between lookups of the GPO policy files against the AD "
"server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:188
msgid ""
"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy "
"settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid ""
"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight "
"policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid ""
"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid ""
"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid ""
"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "PAM service names for which GPO-based access is always granted"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "PAM service names for which GPO-based access is always denied"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid ""
"Default logon right (or permit/deny) to use for unmapped PAM service names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "a particular site to be used by the client"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Kerberos server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "Kerberos realm"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "Whether to create kdcinfo files"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Where to drop krb5 config snippets"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Enables enterprise principals"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:220
-#: src/config/SSSDConfig/__init__.py.in:221
-msgid "Server where the change password service is running if not on the KDC"
+msgid "A mapping from user names to kerberos principal names"
msgstr ""
+#: src/config/SSSDConfig/__init__.py.in:223
#: src/config/SSSDConfig/__init__.py.in:224
+msgid "Server where the change password service is running if not on the KDC"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:227
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:237
+#: src/config/SSSDConfig/__init__.py.in:240
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "Require TLS certificate verification"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "Disable the LDAP paging control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Disable Active Directory range retrieval"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "UID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "GECOS attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Shell attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
#, fuzzy
msgid "UUID attribute"
msgstr "Аттрибути GID"
-#: src/config/SSSDConfig/__init__.py.in:282
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Full Name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:299
+#: src/config/SSSDConfig/__init__.py.in:302
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "A list of extra attributes to download along with the user entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:310
+#: src/config/SSSDConfig/__init__.py.in:313
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Group name"
msgstr "Номи гурӯҳ"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Group password"
msgstr "Пароли гурӯҳ"
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "GID attribute"
msgstr "Аттрибути GID"
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
#, fuzzy
msgid "Group UUID attribute"
msgstr "Аттрибути GID"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Type of the group and other flags"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:344
+#: src/config/SSSDConfig/__init__.py.in:347
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Whether to use Token-Groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Set lower boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Set upper boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "DN for ppolicy queries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:364
+#: src/config/SSSDConfig/__init__.py.in:367
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:365
+#: src/config/SSSDConfig/__init__.py.in:368
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:368
+#: src/config/SSSDConfig/__init__.py.in:371
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:369
+#: src/config/SSSDConfig/__init__.py.in:372
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:370
+#: src/config/SSSDConfig/__init__.py.in:373
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:371
+#: src/config/SSSDConfig/__init__.py.in:374
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:372
+#: src/config/SSSDConfig/__init__.py.in:375
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:373
+#: src/config/SSSDConfig/__init__.py.in:376
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:374
+#: src/config/SSSDConfig/__init__.py.in:377
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:375
+#: src/config/SSSDConfig/__init__.py.in:378
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:376
+#: src/config/SSSDConfig/__init__.py.in:379
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:377
+#: src/config/SSSDConfig/__init__.py.in:380
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:378
+#: src/config/SSSDConfig/__init__.py.in:381
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:379
+#: src/config/SSSDConfig/__init__.py.in:382
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:380
+#: src/config/SSSDConfig/__init__.py.in:383
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:381
+#: src/config/SSSDConfig/__init__.py.in:384
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:382
+#: src/config/SSSDConfig/__init__.py.in:385
msgid "Sudo rule runas attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:383
+#: src/config/SSSDConfig/__init__.py.in:386
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:384
+#: src/config/SSSDConfig/__init__.py.in:387
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:385
+#: src/config/SSSDConfig/__init__.py.in:388
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:386
+#: src/config/SSSDConfig/__init__.py.in:389
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:387
+#: src/config/SSSDConfig/__init__.py.in:390
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:390
+#: src/config/SSSDConfig/__init__.py.in:393
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:391
+#: src/config/SSSDConfig/__init__.py.in:394
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:392
+#: src/config/SSSDConfig/__init__.py.in:395
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:393
+#: src/config/SSSDConfig/__init__.py.in:396
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:394
+#: src/config/SSSDConfig/__init__.py.in:397
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:395
+#: src/config/SSSDConfig/__init__.py.in:398
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:398
+#: src/config/SSSDConfig/__init__.py.in:401
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:399
+#: src/config/SSSDConfig/__init__.py.in:402
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:402
+#: src/config/SSSDConfig/__init__.py.in:405
msgid "Default shell, /bin/bash"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:403
+#: src/config/SSSDConfig/__init__.py.in:406
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:406
+#: src/config/SSSDConfig/__init__.py.in:409
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:407
+#: src/config/SSSDConfig/__init__.py.in:410
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:410
+#: src/config/SSSDConfig/__init__.py.in:413
msgid "PAM stack to use"
msgstr ""
@@ -1235,26 +1247,26 @@ msgstr ""
msgid "Print version number and exit"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:589
+#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:609
#: src/util/util.h:108
msgid "Debug level"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:591
+#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:611
#: src/util/util.h:114
msgid "Add debug timestamps"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:593
+#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:613
#: src/util/util.h:116
msgid "Show timestamps with microseconds"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:595
+#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:615
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:597
+#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:617
#: src/util/util.h:112
msgid "Send the debug output to stderr directly."
msgstr ""
@@ -1267,99 +1279,104 @@ msgstr ""
msgid "The group to create FAST ccache as"
msgstr ""
-#: src/providers/data_provider_be.c:2833
+#: src/providers/data_provider_be.c:2834
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:969
+#: src/sss_client/common.c:971
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:972
+#: src/sss_client/common.c:974
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:975
+#: src/sss_client/common.c:977
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:978
+#: src/sss_client/common.c:980
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:983
+#: src/sss_client/common.c:985
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:989
+#: src/sss_client/common.c:991
msgid "Unexpected error while looking for an error description"
msgstr ""
-#: src/sss_client/pam_sss.c:398
+#: src/sss_client/pam_sss.c:63
+msgid "Permission denied. "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:64 src/sss_client/pam_sss.c:883
+#: src/sss_client/pam_sss.c:894
+msgid "Server message: "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:401
msgid "Passwords do not match"
msgstr "Паролҳо номувофиқанд"
-#: src/sss_client/pam_sss.c:586
+#: src/sss_client/pam_sss.c:589
msgid "Password reset by root is not supported."
msgstr ""
-#: src/sss_client/pam_sss.c:627
+#: src/sss_client/pam_sss.c:630
msgid "Authenticated with cached credentials"
msgstr ""
-#: src/sss_client/pam_sss.c:628
+#: src/sss_client/pam_sss.c:631
msgid ", your cached password will expire at: "
msgstr ""
-#: src/sss_client/pam_sss.c:658
+#: src/sss_client/pam_sss.c:661
#, c-format
msgid "Your password has expired. You have %1$d grace login(s) remaining."
msgstr ""
-#: src/sss_client/pam_sss.c:704
+#: src/sss_client/pam_sss.c:707
#, c-format
msgid "Your password will expire in %1$d %2$s."
msgstr ""
-#: src/sss_client/pam_sss.c:753
+#: src/sss_client/pam_sss.c:756
msgid "Authentication is denied until: "
msgstr ""
-#: src/sss_client/pam_sss.c:774
+#: src/sss_client/pam_sss.c:777
msgid "System is offline, password change not possible"
msgstr ""
-#: src/sss_client/pam_sss.c:789
+#: src/sss_client/pam_sss.c:792
msgid ""
"After changing the OTP password, you need to log out and back in order to "
"acquire a ticket"
msgstr ""
-#: src/sss_client/pam_sss.c:820 src/sss_client/pam_sss.c:833
+#: src/sss_client/pam_sss.c:880 src/sss_client/pam_sss.c:893
msgid "Password change failed. "
msgstr ""
-#: src/sss_client/pam_sss.c:823 src/sss_client/pam_sss.c:834
-msgid "Server message: "
-msgstr ""
-
-#: src/sss_client/pam_sss.c:1274
+#: src/sss_client/pam_sss.c:1336
msgid "New Password: "
msgstr "Пароли нав:"
-#: src/sss_client/pam_sss.c:1275
+#: src/sss_client/pam_sss.c:1337
msgid "Reenter new Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1374
+#: src/sss_client/pam_sss.c:1436
msgid "Password: "
msgstr "Парол:"
-#: src/sss_client/pam_sss.c:1406
+#: src/sss_client/pam_sss.c:1468
msgid "Current Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1582
+#: src/sss_client/pam_sss.c:1644
msgid "Password expired. Change your password now."
msgstr ""
diff --git a/po/tr.po b/po/tr.po
index 76bd05adf..f7ed15a47 100644
--- a/po/tr.po
+++ b/po/tr.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2015-02-18 16:53+0100\n"
+"POT-Creation-Date: 2015-06-12 10:37+0200\n"
"PO-Revision-Date: 2014-06-04 02:04-0400\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Turkish (http://www.transifex.com/projects/p/sssd/language/"
@@ -18,7 +18,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n > 1);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#: src/config/SSSDConfig/__init__.py.in:43
msgid "Set the verbosity of the debug logging"
@@ -104,7 +104,7 @@ msgid "Entry cache background update timeout length (seconds)"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:67
-#: src/config/SSSDConfig/__init__.py.in:96
+#: src/config/SSSDConfig/__init__.py.in:97
msgid "Negative cache timeout length (seconds)"
msgstr ""
@@ -198,1023 +198,1035 @@ msgstr ""
msgid "List of domains accessible even for untrusted users."
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:93
+#: src/config/SSSDConfig/__init__.py.in:91
+msgid "Message printed when user account is expired."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:94
msgid "Whether to evaluate the time-based attributes in sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:99
+#: src/config/SSSDConfig/__init__.py.in:100
msgid "Whether to hash host names and addresses in the known_hosts file"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:100
+#: src/config/SSSDConfig/__init__.py.in:101
msgid ""
"How many seconds to keep a host in the known_hosts file after its host keys "
"were requested"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:103
+#: src/config/SSSDConfig/__init__.py.in:104
msgid "List of UIDs or user names allowed to access the PAC responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:106
+#: src/config/SSSDConfig/__init__.py.in:107
msgid "List of UIDs or user names allowed to access the InfoPipe responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:107
+#: src/config/SSSDConfig/__init__.py.in:108
msgid "List of user attributes the InfoPipe is allowed to publish"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:110
+#: src/config/SSSDConfig/__init__.py.in:111
msgid "Identity provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:111
+#: src/config/SSSDConfig/__init__.py.in:112
msgid "Authentication provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:112
+#: src/config/SSSDConfig/__init__.py.in:113
msgid "Access control provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:113
+#: src/config/SSSDConfig/__init__.py.in:114
msgid "Password change provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:114
+#: src/config/SSSDConfig/__init__.py.in:115
msgid "SUDO provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid "Autofs provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "Session-loading provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "Host identity provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Minimum user ID"
msgstr "En az kullanıcı ID'si"
-#: src/config/SSSDConfig/__init__.py.in:121
+#: src/config/SSSDConfig/__init__.py.in:122
msgid "Maximum user ID"
msgstr "En fazla kullanıcı ID'si"
-#: src/config/SSSDConfig/__init__.py.in:122
+#: src/config/SSSDConfig/__init__.py.in:123
msgid "Enable enumerating all users/groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:123
+#: src/config/SSSDConfig/__init__.py.in:124
msgid "Cache credentials for offline login"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:124
+#: src/config/SSSDConfig/__init__.py.in:125
msgid "Store password hashes"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:125
+#: src/config/SSSDConfig/__init__.py.in:126
msgid "Display users/groups in fully-qualified form"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Don't include group members in group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:127
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:128
#: src/config/SSSDConfig/__init__.py.in:135
#: src/config/SSSDConfig/__init__.py.in:136
#: src/config/SSSDConfig/__init__.py.in:137
#: src/config/SSSDConfig/__init__.py.in:138
#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Entry cache timeout length (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:128
+#: src/config/SSSDConfig/__init__.py.in:129
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Override GID value from the identity provider with this value"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Treat usernames as case sensitive"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "How often should expired entries be refreshed in background"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:142
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:143
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:143
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "How often to periodically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Whether the nsupdate utility should default to using TCP"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Control enumeration of trusted domains"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "How often should subdomains list be refreshed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:151
+msgid "List of options that should be inherited into a subdomain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "IPA domain"
msgstr "IPA alanı"
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "IPA server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "IPA client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:162
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:163
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:168
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Search base for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Objectclass for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Attribute with the name of the view"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Objectclass for override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Attribute with the reference to the original object"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Objectclass for user override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Objectclass for group override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:182
-#: src/config/SSSDConfig/__init__.py.in:357
+#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:360
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Whether to use the Global Catalog for lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Operation mode for GPO-based access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:187
msgid ""
"The amount of time between lookups of the GPO policy files against the AD "
"server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:188
msgid ""
"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy "
"settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid ""
"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight "
"policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid ""
"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid ""
"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid ""
"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "PAM service names for which GPO-based access is always granted"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "PAM service names for which GPO-based access is always denied"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid ""
"Default logon right (or permit/deny) to use for unmapped PAM service names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "a particular site to be used by the client"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Kerberos server address"
msgstr "Kerberos sunucu adresi"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "Kerberos realm"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "Whether to create kdcinfo files"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Where to drop krb5 config snippets"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Enables enterprise principals"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:220
-#: src/config/SSSDConfig/__init__.py.in:221
-msgid "Server where the change password service is running if not on the KDC"
+msgid "A mapping from user names to kerberos principal names"
msgstr ""
+#: src/config/SSSDConfig/__init__.py.in:223
#: src/config/SSSDConfig/__init__.py.in:224
+msgid "Server where the change password service is running if not on the KDC"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:227
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:237
+#: src/config/SSSDConfig/__init__.py.in:240
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "Require TLS certificate verification"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "Disable the LDAP paging control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Disable Active Directory range retrieval"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "UID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "GECOS attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Shell attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:282
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Full Name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:299
+#: src/config/SSSDConfig/__init__.py.in:302
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "A list of extra attributes to download along with the user entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:310
+#: src/config/SSSDConfig/__init__.py.in:313
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Type of the group and other flags"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:344
+#: src/config/SSSDConfig/__init__.py.in:347
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Whether to use Token-Groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Set lower boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Set upper boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "DN for ppolicy queries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:364
+#: src/config/SSSDConfig/__init__.py.in:367
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:365
+#: src/config/SSSDConfig/__init__.py.in:368
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:368
+#: src/config/SSSDConfig/__init__.py.in:371
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:369
+#: src/config/SSSDConfig/__init__.py.in:372
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:370
+#: src/config/SSSDConfig/__init__.py.in:373
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:371
+#: src/config/SSSDConfig/__init__.py.in:374
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:372
+#: src/config/SSSDConfig/__init__.py.in:375
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:373
+#: src/config/SSSDConfig/__init__.py.in:376
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:374
+#: src/config/SSSDConfig/__init__.py.in:377
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:375
+#: src/config/SSSDConfig/__init__.py.in:378
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:376
+#: src/config/SSSDConfig/__init__.py.in:379
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:377
+#: src/config/SSSDConfig/__init__.py.in:380
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:378
+#: src/config/SSSDConfig/__init__.py.in:381
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:379
+#: src/config/SSSDConfig/__init__.py.in:382
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:380
+#: src/config/SSSDConfig/__init__.py.in:383
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:381
+#: src/config/SSSDConfig/__init__.py.in:384
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:382
+#: src/config/SSSDConfig/__init__.py.in:385
msgid "Sudo rule runas attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:383
+#: src/config/SSSDConfig/__init__.py.in:386
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:384
+#: src/config/SSSDConfig/__init__.py.in:387
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:385
+#: src/config/SSSDConfig/__init__.py.in:388
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:386
+#: src/config/SSSDConfig/__init__.py.in:389
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:387
+#: src/config/SSSDConfig/__init__.py.in:390
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:390
+#: src/config/SSSDConfig/__init__.py.in:393
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:391
+#: src/config/SSSDConfig/__init__.py.in:394
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:392
+#: src/config/SSSDConfig/__init__.py.in:395
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:393
+#: src/config/SSSDConfig/__init__.py.in:396
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:394
+#: src/config/SSSDConfig/__init__.py.in:397
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:395
+#: src/config/SSSDConfig/__init__.py.in:398
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:398
+#: src/config/SSSDConfig/__init__.py.in:401
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:399
+#: src/config/SSSDConfig/__init__.py.in:402
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:402
+#: src/config/SSSDConfig/__init__.py.in:405
msgid "Default shell, /bin/bash"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:403
+#: src/config/SSSDConfig/__init__.py.in:406
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:406
+#: src/config/SSSDConfig/__init__.py.in:409
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:407
+#: src/config/SSSDConfig/__init__.py.in:410
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:410
+#: src/config/SSSDConfig/__init__.py.in:413
msgid "PAM stack to use"
msgstr ""
@@ -1234,26 +1246,26 @@ msgstr ""
msgid "Print version number and exit"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:589
+#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:609
#: src/util/util.h:108
msgid "Debug level"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:591
+#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:611
#: src/util/util.h:114
msgid "Add debug timestamps"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:593
+#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:613
#: src/util/util.h:116
msgid "Show timestamps with microseconds"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:595
+#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:615
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:597
+#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:617
#: src/util/util.h:112
msgid "Send the debug output to stderr directly."
msgstr ""
@@ -1266,99 +1278,104 @@ msgstr ""
msgid "The group to create FAST ccache as"
msgstr ""
-#: src/providers/data_provider_be.c:2833
+#: src/providers/data_provider_be.c:2834
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:969
+#: src/sss_client/common.c:971
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:972
+#: src/sss_client/common.c:974
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:975
+#: src/sss_client/common.c:977
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:978
+#: src/sss_client/common.c:980
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:983
+#: src/sss_client/common.c:985
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:989
+#: src/sss_client/common.c:991
msgid "Unexpected error while looking for an error description"
msgstr ""
-#: src/sss_client/pam_sss.c:398
+#: src/sss_client/pam_sss.c:63
+msgid "Permission denied. "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:64 src/sss_client/pam_sss.c:883
+#: src/sss_client/pam_sss.c:894
+msgid "Server message: "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:401
msgid "Passwords do not match"
msgstr ""
-#: src/sss_client/pam_sss.c:586
+#: src/sss_client/pam_sss.c:589
msgid "Password reset by root is not supported."
msgstr ""
-#: src/sss_client/pam_sss.c:627
+#: src/sss_client/pam_sss.c:630
msgid "Authenticated with cached credentials"
msgstr ""
-#: src/sss_client/pam_sss.c:628
+#: src/sss_client/pam_sss.c:631
msgid ", your cached password will expire at: "
msgstr ""
-#: src/sss_client/pam_sss.c:658
+#: src/sss_client/pam_sss.c:661
#, c-format
msgid "Your password has expired. You have %1$d grace login(s) remaining."
msgstr ""
-#: src/sss_client/pam_sss.c:704
+#: src/sss_client/pam_sss.c:707
#, c-format
msgid "Your password will expire in %1$d %2$s."
msgstr ""
-#: src/sss_client/pam_sss.c:753
+#: src/sss_client/pam_sss.c:756
msgid "Authentication is denied until: "
msgstr ""
-#: src/sss_client/pam_sss.c:774
+#: src/sss_client/pam_sss.c:777
msgid "System is offline, password change not possible"
msgstr ""
-#: src/sss_client/pam_sss.c:789
+#: src/sss_client/pam_sss.c:792
msgid ""
"After changing the OTP password, you need to log out and back in order to "
"acquire a ticket"
msgstr ""
-#: src/sss_client/pam_sss.c:820 src/sss_client/pam_sss.c:833
+#: src/sss_client/pam_sss.c:880 src/sss_client/pam_sss.c:893
msgid "Password change failed. "
msgstr ""
-#: src/sss_client/pam_sss.c:823 src/sss_client/pam_sss.c:834
-msgid "Server message: "
-msgstr ""
-
-#: src/sss_client/pam_sss.c:1274
+#: src/sss_client/pam_sss.c:1336
msgid "New Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1275
+#: src/sss_client/pam_sss.c:1337
msgid "Reenter new Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1374
+#: src/sss_client/pam_sss.c:1436
msgid "Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1406
+#: src/sss_client/pam_sss.c:1468
msgid "Current Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1582
+#: src/sss_client/pam_sss.c:1644
msgid "Password expired. Change your password now."
msgstr ""
diff --git a/po/uk.po b/po/uk.po
index 32c018248..0eae046a5 100644
--- a/po/uk.po
+++ b/po/uk.po
@@ -6,12 +6,13 @@
# sgallagh <sgallagh@redhat.com>, 2011
# Yuri Chornoivan <yurchor@ukr.net>, 2011-2014
# Yuri Chornoivan <yurchor@ukr.net>, 2013
+# Yuri Chornoivan <yurchor@ukr.net>, 2015. #zanata
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2015-02-18 16:53+0100\n"
-"PO-Revision-Date: 2014-06-04 02:22-0400\n"
+"POT-Creation-Date: 2015-06-12 10:37+0200\n"
+"PO-Revision-Date: 2015-03-13 07:05-0400\n"
"Last-Translator: Yuri Chornoivan <yurchor@ukr.net>\n"
"Language-Team: Ukrainian (http://www.transifex.com/projects/p/sssd/language/"
"uk/)\n"
@@ -21,7 +22,7 @@ msgstr ""
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n"
"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#: src/config/SSSDConfig/__init__.py.in:43
msgid "Set the verbosity of the debug logging"
@@ -112,7 +113,7 @@ msgid "Entry cache background update timeout length (seconds)"
msgstr "Час очікування на фонове оновлення кешу записів (у секундах)"
#: src/config/SSSDConfig/__init__.py.in:67
-#: src/config/SSSDConfig/__init__.py.in:96
+#: src/config/SSSDConfig/__init__.py.in:97
msgid "Negative cache timeout length (seconds)"
msgstr "Від’ємний час очікування на дані з кешу (у секундах)"
@@ -177,6 +178,7 @@ msgstr "Строк дії записів кешу у пам’яті"
#: src/config/SSSDConfig/__init__.py.in:80
msgid "All spaces in group or user names will be replaced with this character"
msgstr ""
+"Усі пробіли у назвах груп і іменах користувачів буде замінено на цей символ"
#: src/config/SSSDConfig/__init__.py.in:83
msgid "How long to allow cached logins between online logins (days)"
@@ -214,23 +216,28 @@ msgstr ""
#: src/config/SSSDConfig/__init__.py.in:89
msgid "List of trusted uids or user's name"
-msgstr ""
+msgstr "Список надійних UUID або імен користувачів"
#: src/config/SSSDConfig/__init__.py.in:90
msgid "List of domains accessible even for untrusted users."
msgstr ""
+"Список доменів, доступ до яких відкрито навіть для ненадійних користувачів."
+
+#: src/config/SSSDConfig/__init__.py.in:91
+msgid "Message printed when user account is expired."
+msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:93
+#: src/config/SSSDConfig/__init__.py.in:94
msgid "Whether to evaluate the time-based attributes in sudo rules"
msgstr ""
"Визначає, чи слід обробляти атрибути правил sudo, пов’язані з часовими "
"обмеженнями"
-#: src/config/SSSDConfig/__init__.py.in:99
+#: src/config/SSSDConfig/__init__.py.in:100
msgid "Whether to hash host names and addresses in the known_hosts file"
msgstr "Чи слід хешувати назви та адреси вузлів у файлі known_hosts"
-#: src/config/SSSDConfig/__init__.py.in:100
+#: src/config/SSSDConfig/__init__.py.in:101
msgid ""
"How many seconds to keep a host in the known_hosts file after its host keys "
"were requested"
@@ -238,545 +245,566 @@ msgstr ""
"Кількість секунд, протягом яких запису вузла зберігатиметься у файлі "
"known_hosts після надсилання запиту щодо ключів вузла"
-#: src/config/SSSDConfig/__init__.py.in:103
+#: src/config/SSSDConfig/__init__.py.in:104
msgid "List of UIDs or user names allowed to access the PAC responder"
msgstr ""
"Список унікальних ідентифікаторів (UID) або імен користувачів, яким надано "
"доступ до відповідача PAC"
-#: src/config/SSSDConfig/__init__.py.in:106
+#: src/config/SSSDConfig/__init__.py.in:107
msgid "List of UIDs or user names allowed to access the InfoPipe responder"
msgstr ""
"Список унікальних ідентифікаторів (UID) або імен користувачів, яким надано "
"доступ до відповідача InfoPipe"
-#: src/config/SSSDConfig/__init__.py.in:107
+#: src/config/SSSDConfig/__init__.py.in:108
msgid "List of user attributes the InfoPipe is allowed to publish"
msgstr "Список атрибутів запису користувача, які може оприлюднювати InfoPipe"
-#: src/config/SSSDConfig/__init__.py.in:110
+#: src/config/SSSDConfig/__init__.py.in:111
msgid "Identity provider"
msgstr "Служба профілів"
-#: src/config/SSSDConfig/__init__.py.in:111
+#: src/config/SSSDConfig/__init__.py.in:112
msgid "Authentication provider"
msgstr "Служба розпізнавання"
-#: src/config/SSSDConfig/__init__.py.in:112
+#: src/config/SSSDConfig/__init__.py.in:113
msgid "Access control provider"
msgstr "Служба керування доступом"
-#: src/config/SSSDConfig/__init__.py.in:113
+#: src/config/SSSDConfig/__init__.py.in:114
msgid "Password change provider"
msgstr "Служба зміни паролів"
-#: src/config/SSSDConfig/__init__.py.in:114
+#: src/config/SSSDConfig/__init__.py.in:115
msgid "SUDO provider"
msgstr "Служба SUDO"
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid "Autofs provider"
msgstr "Служба автоматизації файлових систем"
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "Session-loading provider"
msgstr "Служба завантаження сеансів"
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "Host identity provider"
msgstr "Служба профілів вузлів"
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Minimum user ID"
msgstr "Мін. ідентифікатор користувача"
-#: src/config/SSSDConfig/__init__.py.in:121
+#: src/config/SSSDConfig/__init__.py.in:122
msgid "Maximum user ID"
msgstr "Макс. ідентифікатор користувача"
-#: src/config/SSSDConfig/__init__.py.in:122
+#: src/config/SSSDConfig/__init__.py.in:123
msgid "Enable enumerating all users/groups"
msgstr "Увімкнути нумерацію всіх користувачів/груп"
-#: src/config/SSSDConfig/__init__.py.in:123
+#: src/config/SSSDConfig/__init__.py.in:124
msgid "Cache credentials for offline login"
msgstr "Кешувати реєстраційні дані для автономного входу"
-#: src/config/SSSDConfig/__init__.py.in:124
+#: src/config/SSSDConfig/__init__.py.in:125
msgid "Store password hashes"
msgstr "Зберігати хеші паролів"
-#: src/config/SSSDConfig/__init__.py.in:125
+#: src/config/SSSDConfig/__init__.py.in:126
msgid "Display users/groups in fully-qualified form"
msgstr "Показувати записи користувачів/груп повністю"
-#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Don't include group members in group lookups"
msgstr "Не включати учасників групи у пошуки групи"
-#: src/config/SSSDConfig/__init__.py.in:127
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:128
#: src/config/SSSDConfig/__init__.py.in:135
#: src/config/SSSDConfig/__init__.py.in:136
#: src/config/SSSDConfig/__init__.py.in:137
#: src/config/SSSDConfig/__init__.py.in:138
#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Entry cache timeout length (seconds)"
msgstr "Тривалість кешування записів (у секундах)"
-#: src/config/SSSDConfig/__init__.py.in:128
+#: src/config/SSSDConfig/__init__.py.in:129
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
"Обмежити або надавати перевагу певному сімейству адрес під час виконання "
"пошуків DNS"
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
"Тривалість зберігання кешованих записів після останнього успішного входу (у "
"днях)"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
"Тривалість очікування на відповідь від DNS під час визначення адрес серверів "
"(у секундах)"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "The domain part of service discovery DNS query"
msgstr "Частина запиту щодо виявлення служби DNS, пов’язана з доменом"
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Override GID value from the identity provider with this value"
msgstr ""
"Замінити значення ідентифікатора групи від надавача профілю цим значенням"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Treat usernames as case sensitive"
msgstr "Враховувати регістр у іменах користувачів"
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "How often should expired entries be refreshed in background"
msgstr "Наскільки часто має виконувати оновлення у тлі застарілих записів"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry"
msgstr "Визначає, чи слід автоматично оновлювати запис DNS клієнта"
-#: src/config/SSSDConfig/__init__.py.in:142
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:143
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
"TTL, який слід застосовувати до запису DNS клієнта після його оновлення"
-#: src/config/SSSDConfig/__init__.py.in:143
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
"Інтерфейс, чию адресу IP має бути використано для динамічних оновлень DNS"
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "How often to periodically update the client's DNS entry"
msgstr "Визначає, наскільки часто слід періодично оновлювати запис DNS клієнта"
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
"Визначає, чи слід надавачу даних також явним чином оновлювати запис PTR"
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Whether the nsupdate utility should default to using TCP"
msgstr "Визначає, чи слід програмі nsupdate типово використовувати TCP"
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
"Визначає тип розпізнавання, який слід використовувати для виконання "
"оновлення DNS"
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Control enumeration of trusted domains"
msgstr "Керувати нумерацією надійних доменів"
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "How often should subdomains list be refreshed"
msgstr "Частота оновлення списку піддоменів"
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:151
+msgid "List of options that should be inherited into a subdomain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "IPA domain"
msgstr "Домен IPA"
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "IPA server address"
msgstr "Адреса сервера IPA"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Address of backup IPA server"
msgstr "Адреса резервного сервера IPA"
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "IPA client hostname"
msgstr "Назва вузла клієнта IPA"
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
"Визначає, чи слід автоматично оновлювати запис DNS клієнтського вузла у "
"FreeIPA"
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Search base for HBAC related objects"
msgstr "Шукати у базі об’єкти, пов’язані з HBAC"
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:162
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
"Інтервал часу між послідовними сеансами пошуку правил HBAC на сервері IPA"
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:163
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr "Час, у секундах, між пошуками у картах SELinux на сервері IPA"
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr "Якщо вказано правила DENY, DENY_ALL або IGNORE"
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
"Якщо встановлено значення «false», аргумент вузла, наданий PAM, буде "
"проігноровано"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "The automounter location this IPA client is using"
msgstr "Адреса автоматичного монтування, яку використовує цей клієнт IPA"
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Search base for object containing info about IPA domain"
msgstr "Шукати у базі об’єкт, що містить дані щодо домену IPA"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Search base for objects containing info about ID ranges"
msgstr "Шукати у базі об’єкти, що містять дані щодо діапазонів ідентифікаторів"
-#: src/config/SSSDConfig/__init__.py.in:167
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "Enable DNS sites - location based service discovery"
msgstr "Увімкнути сайти DNS — визначення служб на основі адрес"
-#: src/config/SSSDConfig/__init__.py.in:168
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Search base for view containers"
-msgstr ""
+msgstr "Шукати у базі контейнери перегляду"
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Objectclass for view containers"
-msgstr ""
+msgstr "Клас об’єктів для контейнерів перегляду"
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Attribute with the name of the view"
-msgstr ""
+msgstr "Атрибут із назвою перегляду"
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Objectclass for override objects"
-msgstr ""
+msgstr "Клас об’єктів для об’єктів перевизначення"
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Attribute with the reference to the original object"
-msgstr ""
+msgstr "Атрибут із посиланням на початковий об’єкт"
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Objectclass for user override objects"
-msgstr ""
+msgstr "Клас об’єктів для об’єктів перевизначення користувачів"
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Objectclass for group override objects"
-msgstr ""
+msgstr "Клас об’єктів для об’єктів перевизначення груп"
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Active Directory domain"
msgstr "Домен Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Active Directory server address"
msgstr "Адреса сервера Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Active Directory backup server address"
msgstr "Адреса резервного сервера Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Active Directory client hostname"
msgstr "Назва клієнтського вузла Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:182
-#: src/config/SSSDConfig/__init__.py.in:357
+#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:360
msgid "LDAP filter to determine access privileges"
msgstr "Фільтр LDAP для визначення прав доступу"
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Whether to use the Global Catalog for lookups"
msgstr "Чи слід використовувати загальний каталог для пошуку"
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Operation mode for GPO-based access control"
msgstr "Режим роботи для керування доступом на основі GPO"
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:187
msgid ""
"The amount of time between lookups of the GPO policy files against the AD "
"server"
msgstr ""
+"Інтервал часу між послідовними сеансами пошуку правил GPO на сервері AD"
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:188
msgid ""
"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy "
"settings"
msgstr ""
+"Назви служб PAM, які виконують прив’язування до параметрів правил GPO "
+"(Deny)InteractiveLogonRight"
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid ""
"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight "
"policy settings"
msgstr ""
+"Назви служб PAM, які виконують прив’язування до параметрів правил GPO "
+"(Deny)RemoteInteractiveLogonRight"
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid ""
"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings"
msgstr ""
+"Назви служб PAM, які виконують прив’язування до параметрів правил GPO "
+"(Deny)NetworkLogonRight"
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid ""
"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings"
msgstr ""
+"Назви служб PAM, які виконують прив’язування до параметрів правил GPO "
+"(Deny)BatchLogonRight"
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid ""
"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings"
msgstr ""
+"Назви служб PAM, які виконують прив’язування до параметрів правил GPO "
+"(Deny)ServiceLogonRight"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "PAM service names for which GPO-based access is always granted"
-msgstr ""
+msgstr "Назви служб PAM, яким завжди надається доступ на основі GPO"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "PAM service names for which GPO-based access is always denied"
-msgstr ""
+msgstr "Назви служб PAM, яким ніколи не надається доступ на основі GPO"
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid ""
"Default logon right (or permit/deny) to use for unmapped PAM service names"
msgstr ""
+"Типове правило входу (або допуск/заборона), яким слід користуватися для "
+"неприв’язаних назв служб PAM"
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "a particular site to be used by the client"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Kerberos server address"
msgstr "Адреса сервера Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Kerberos backup server address"
msgstr "Адреса резервного сервера Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "Kerberos realm"
msgstr "Область Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Authentication timeout"
msgstr "Час очікування на розпізнавання"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "Whether to create kdcinfo files"
msgstr "Визначає, чи слід створювати файли kdcinfo"
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Where to drop krb5 config snippets"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Directory to store credential caches"
msgstr "Каталог, де зберігатиметься кеш реєстраційних даних"
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Location of the user's credential cache"
msgstr "Адреса кешу реєстраційних даних користувача"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Location of the keytab to validate credentials"
msgstr "Адреса таблиці ключів для перевірки реєстраційних даних"
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Enable credential validation"
msgstr "Увімкнути перевірку реєстраційних даних"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Store password if offline for later online authentication"
msgstr "Зберігати пароль у автономному режимі для розпізнавання у мережі"
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Renewable lifetime of the TGT"
msgstr "Поновлюваний строк дії TGT"
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "Lifetime of the TGT"
msgstr "Строк дії TGT"
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Time between two checks for renewal"
msgstr "Граничний час між двома перевірками для поновлення"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Enables FAST"
msgstr "Вмикає FAST"
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Selects the principal to use for FAST"
msgstr "Визначає реєстраційний запис, який слід використовувати для FAST"
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Enables principal canonicalization"
msgstr "Вмикає перетворення реєстраційних записів у канонічну форму"
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Enables enterprise principals"
msgstr "Увімкнути промислові реєстраційні дані"
#: src/config/SSSDConfig/__init__.py.in:220
-#: src/config/SSSDConfig/__init__.py.in:221
+msgid "A mapping from user names to kerberos principal names"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"Сервер, на якому запущено службу зміни паролів, якщо такий не вдасться "
"виявити у KDC"
-#: src/config/SSSDConfig/__init__.py.in:224
+#: src/config/SSSDConfig/__init__.py.in:227
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, адреса URI сервера LDAP"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr "ldap_backup_uri, адреса сервера LDAP"
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "The default base DN"
msgstr "Типова базова назва домену"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Тип схеми, використаний на сервері LDAP, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "The default bind DN"
msgstr "Типова назва домену прив’язки"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "The type of the authentication token of the default bind DN"
msgstr "Тип розпізнавання для типової назви сервера прив’язки"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "The authentication token of the default bind DN"
msgstr "Лексема розпізнавання типової назви сервера прив’язки"
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Length of time to attempt connection"
msgstr "Проміжок часу між спробами встановлення з’єднання"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Проміжок часу між спробами виконання синхронних операцій LDAP"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
"Проміжок часу між повторними спробами встановлення з’єднання у автономному "
"режимі"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Use only the upper case for realm names"
msgstr "Використовувати для назв областей лише великі літери"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "File that contains CA certificates"
msgstr "Файл, що містить сертифікати CA"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Path to CA certificate directory"
msgstr "Шлях до каталогу сертифікатів CA"
-#: src/config/SSSDConfig/__init__.py.in:237
+#: src/config/SSSDConfig/__init__.py.in:240
msgid "File that contains the client certificate"
msgstr "Файл, що містить клієнтський сертифікат"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "File that contains the client key"
msgstr "Файл, що містить клієнтський ключ"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "List of possible ciphers suites"
msgstr "Показати список можливих інструментів шифрування"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "Require TLS certificate verification"
msgstr "Потрібна перевірка сертифіката TLS"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Specify the sasl mechanism to use"
msgstr "Вкажіть механізм SASL, який слід використовувати"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Specify the sasl authorization id to use"
msgstr "Вкажіть ідентифікатор уповноваження SASL, який слід використовувати"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "Specify the sasl authorization realm to use"
msgstr "Вкажіть область уповноваження SASL, яку слід використовувати"
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
"Вказати мінімальне значення SSF для розпізнавання на LDAP за допомогою sasl"
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Kerberos service keytab"
msgstr "Таблиця ключів служби Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Use Kerberos auth for LDAP connection"
msgstr "Розпізнавання Kerberos для з’єднання LDAP"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Follow LDAP referrals"
msgstr "Переходити за посиланнями LDAP"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "Lifetime of TGT for LDAP connection"
msgstr "Строк дії TGT для з’єднання LDAP"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "How to dereference aliases"
msgstr "Спосіб розіменування псевдонімів"
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "Service name for DNS service lookups"
msgstr "Назва служби для пошуків за допомогою служби DNS"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "The number of records to retrieve in a single LDAP query"
msgstr "Кількість записів, які слід отримувати у відповідь на один запит LDAP"
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
"Кількість учасників, яких має не вистачати для вмикання повного скасування "
"посилань"
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
@@ -784,372 +812,372 @@ msgstr ""
"Визначає, чи має бібліотека LDAP виконувати зворотній пошук з метою "
"переведення назв вузлів у канонічну форму під час прив’язки до SASL"
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "entryUSN attribute"
msgstr "Атрибут entryUSN"
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "lastUSN attribute"
msgstr "Атрибут lastUSN"
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr "Тривалість підтримування з’єднання з сервером LDAP перед роз’єднанням"
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "Disable the LDAP paging control"
msgstr "Вимкнути контроль сторінок у LDAP"
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Disable Active Directory range retrieval"
msgstr "Вимкнути отримання діапазонів Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "Length of time to wait for a search request"
msgstr "Тривалість очікування на дані запиту пошуку"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Length of time to wait for a enumeration request"
msgstr "Тривалість очікування на дані запиту щодо переліку"
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Length of time between enumeration updates"
msgstr "Проміжок часу між оновленнями нумерації"
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "Length of time between cache cleanups"
msgstr "Проміжок часу між спорожненнями кешу"
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Require TLS for ID lookups"
msgstr "Вимагати TLS для пошуків ідентифікаторів"
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
"Використовувати відповідності ідентифікаторів objectSID замість попередньо "
"встановлених ідентифікаторів"
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Base DN for user lookups"
msgstr "Базова назва домену для пошуків користувачів"
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Scope of user lookups"
msgstr "Діапазон пошуків користувачів"
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Filter for user lookups"
msgstr "Фільтр пошуку користувачів"
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for users"
msgstr "Клас об’єктів для користувачів"
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Username attribute"
msgstr "Атрибут імені користувача"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "UID attribute"
msgstr "Атрибут UID"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Primary GID attribute"
msgstr "Головний атрибут GID"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "GECOS attribute"
msgstr "Атрибут GECOS"
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Home directory attribute"
msgstr "Атрибут домашнього каталогу"
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Shell attribute"
msgstr "Атрибут оболонки"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
#, fuzzy
msgid "UUID attribute"
msgstr "Атрибут UID"
-#: src/config/SSSDConfig/__init__.py.in:282
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "objectSID attribute"
msgstr "Атрибут objectSID"
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
"Атрибут основної групи Active Directory для встановлення відповідності "
"ідентифікатора"
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "User principal attribute (for Kerberos)"
msgstr "Атрибут реєстраційного запису користувача (для Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Full Name"
msgstr "Повне ім'я"
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "memberOf attribute"
msgstr "Атрибут memberOf"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Modification time attribute"
msgstr "Атрибут часу зміни"
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "shadowLastChange attribute"
msgstr "Атрибут shadowLastChange"
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "shadowMin attribute"
msgstr "Атрибут shadowMin"
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "shadowMax attribute"
msgstr "Атрибут shadowMax"
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "shadowWarning attribute"
msgstr "Атрибут shadowWarning"
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "shadowInactive attribute"
msgstr "Атрибут shadowInactive"
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "shadowExpire attribute"
msgstr "Атрибут shadowExpire"
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "shadowFlag attribute"
msgstr "Атрибут shadowFlag"
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Attribute listing authorized PAM services"
msgstr "Атрибути зі списком уповноважених служб PAM"
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Attribute listing authorized server hosts"
msgstr "Атрибути зі списком уповноважених серверних вузлів"
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "krbLastPwdChange attribute"
msgstr "Атрибут krbLastPwdChange"
-#: src/config/SSSDConfig/__init__.py.in:299
+#: src/config/SSSDConfig/__init__.py.in:302
msgid "krbPasswordExpiration attribute"
msgstr "Атрибут krbPasswordExpiration"
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Attribute indicating that server side password policies are active"
msgstr ""
"Атрибут, що відповідає за активізацію правил обробки паролів на боці сервера"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "accountExpires attribute of AD"
msgstr "Атрибут accountExpires AD"
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "userAccountControl attribute of AD"
msgstr "Атрибут userAccountControl AD"
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "nsAccountLock attribute"
msgstr "Атрибут nsAccountLock"
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "loginDisabled attribute of NDS"
msgstr "Атрибут loginDisabled NDS"
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "loginExpirationTime attribute of NDS"
msgstr "Атрибут loginExpirationTime NDS"
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "loginAllowedTimeMap attribute of NDS"
msgstr "Атрибут loginAllowedTimeMap NDS"
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "SSH public key attribute"
msgstr "Атрибут відкритого ключа SSH"
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "A list of extra attributes to download along with the user entry"
msgstr ""
"Список додаткових атрибутів, які слід отримувати разом із записом користувача"
-#: src/config/SSSDConfig/__init__.py.in:310
+#: src/config/SSSDConfig/__init__.py.in:313
msgid "Base DN for group lookups"
msgstr "Базова назва домену для пошуків груп"
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Objectclass for groups"
msgstr "Клас об’єктів для груп"
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Group name"
msgstr "Назва групи"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Group password"
msgstr "Пароль групи"
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "GID attribute"
msgstr "Атрибут GID"
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "Group member attribute"
msgstr "Атрибут членства у групі"
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
#, fuzzy
msgid "Group UUID attribute"
msgstr "Атрибут UID"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Modification time attribute for groups"
msgstr "Атрибут часу зміни для груп"
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Type of the group and other flags"
msgstr "Тип групи та інші прапорці"
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Maximum nesting level SSSd will follow"
msgstr "Максимальний рівень вкладеності, який використовуватиме SSSD"
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for netgroup lookups"
msgstr "Базова назва домену для пошуків груп у мережі"
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Objectclass for netgroups"
msgstr "Клас об’єктів для груп у мережі"
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Netgroup name"
msgstr "Назва мережевої групи"
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Netgroups members attribute"
msgstr "Атрибут членства у групах у мережі"
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Netgroup triple attribute"
msgstr "Атрибут трійки груп у мережі"
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Modification time attribute for netgroups"
msgstr "Атрибут часу зміни для мережевих груп"
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid "Base DN for service lookups"
msgstr "Базова сервер назв домену для пошуку служб"
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Objectclass for services"
msgstr "Клас об’єктів для служб"
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Service name attribute"
msgstr "Атрибут назви служби"
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Service port attribute"
msgstr "Атрибут порту служби"
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Service protocol attribute"
msgstr "Атрибут протоколу служби"
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Lower bound for ID-mapping"
msgstr "Нижня межа встановлення відповідності ідентифікатора"
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Upper bound for ID-mapping"
msgstr "Верхня межа встановлення відповідності ідентифікатора"
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
"Кількість ідентифікаторів для кожного зрізу під час встановлення "
"відповідності ідентифікаторів"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
"Використовувати для встановлення відповідності ідентифікаторів алгоритм, "
"сумісний з autorid"
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Name of the default domain for ID-mapping"
msgstr "Назва типового домену для встановлення відповідності ідентифікаторів"
-#: src/config/SSSDConfig/__init__.py.in:344
+#: src/config/SSSDConfig/__init__.py.in:347
msgid "SID of the default domain for ID-mapping"
msgstr "SID типового домену для встановлення відповідності ідентифікаторів"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr "Використовувати LDAP_MATCHING_RULE_IN_CHAIN щодо пошуків груп (group)"
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
"Використовувати LDAP_MATCHING_RULE_IN_CHAIN щодо пошуків початкових груп "
"(initgroup)"
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Whether to use Token-Groups"
msgstr "Визначає, чи слід використовувати крупи реєстраційних записів"
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Set lower boundary for allowed IDs from the LDAP server"
msgstr "Встановити нижню межу для дозволених ідентифікаторів із сервера LDAP"
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Set upper boundary for allowed IDs from the LDAP server"
msgstr "Встановити верхню межу для дозволених ідентифікаторів із сервера LDAP"
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "DN for ppolicy queries"
-msgstr ""
+msgstr "DN для запитів щодо ppolicy"
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Policy to evaluate the password expiration"
msgstr "Правила оцінки завершення строку дії пароля"
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
"Атрибути які слід використовувати для визначення чинності облікового запису"
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Which rules should be used to evaluate access control"
msgstr ""
"Правила, які має бути використано для визначення достатності прав доступу"
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "URI of an LDAP server where password changes are allowed"
msgstr "Адреса на сервері LDAP, для якої можливі зміни паролів"
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr "Адреса резервного сервера LDAP, для якої можливі зміни паролів"
-#: src/config/SSSDConfig/__init__.py.in:364
+#: src/config/SSSDConfig/__init__.py.in:367
msgid "DNS service name for LDAP password change server"
msgstr "Назва у службі DNS сервера зміни паролів LDAP"
-#: src/config/SSSDConfig/__init__.py.in:365
+#: src/config/SSSDConfig/__init__.py.in:368
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
@@ -1157,25 +1185,25 @@ msgstr ""
"Визначає, чи слід оновлювати атрибут ldap_user_shadow_last_change після "
"зміни пароля"
-#: src/config/SSSDConfig/__init__.py.in:368
+#: src/config/SSSDConfig/__init__.py.in:371
msgid "Base DN for sudo rules lookups"
msgstr "Базова назва домену для пошуків правил sudo"
-#: src/config/SSSDConfig/__init__.py.in:369
+#: src/config/SSSDConfig/__init__.py.in:372
msgid "Automatic full refresh period"
msgstr "Період автоматичного повного оновлення даних"
-#: src/config/SSSDConfig/__init__.py.in:370
+#: src/config/SSSDConfig/__init__.py.in:373
msgid "Automatic smart refresh period"
msgstr "Період автоматичного кмітливого оновлення даних"
-#: src/config/SSSDConfig/__init__.py.in:371
+#: src/config/SSSDConfig/__init__.py.in:374
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
"Визначає, чи слід фільтрувати правила за назвами вузлів, IP-адресами та "
"мережами"
-#: src/config/SSSDConfig/__init__.py.in:372
+#: src/config/SSSDConfig/__init__.py.in:375
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
@@ -1183,125 +1211,125 @@ msgstr ""
"Назви вузлів і/або повні назви у домені для цього комп’ютера для "
"фільтрування списку правил sudo"
-#: src/config/SSSDConfig/__init__.py.in:373
+#: src/config/SSSDConfig/__init__.py.in:376
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
"Адреси IPv4 або IPv6 чи мережа цього комп’ютера для фільтрування списку "
"правил sudo"
-#: src/config/SSSDConfig/__init__.py.in:374
+#: src/config/SSSDConfig/__init__.py.in:377
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
"Визначає, чи слід включати правила, що містять мережеву групу у атрибуті "
"вузла"
-#: src/config/SSSDConfig/__init__.py.in:375
+#: src/config/SSSDConfig/__init__.py.in:378
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
"Визначає, чи слід включати правила, що містять формальний вираз у атрибуті "
"вузла"
-#: src/config/SSSDConfig/__init__.py.in:376
+#: src/config/SSSDConfig/__init__.py.in:379
msgid "Object class for sudo rules"
msgstr "Клас об’єктів для правил sudo"
-#: src/config/SSSDConfig/__init__.py.in:377
+#: src/config/SSSDConfig/__init__.py.in:380
msgid "Sudo rule name"
msgstr "Назва правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:378
+#: src/config/SSSDConfig/__init__.py.in:381
msgid "Sudo rule command attribute"
msgstr "Атрибут команди правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:379
+#: src/config/SSSDConfig/__init__.py.in:382
msgid "Sudo rule host attribute"
msgstr "Атрибут вузла правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:380
+#: src/config/SSSDConfig/__init__.py.in:383
msgid "Sudo rule user attribute"
msgstr "Атрибут користувача правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:381
+#: src/config/SSSDConfig/__init__.py.in:384
msgid "Sudo rule option attribute"
msgstr "Атрибут параметрів правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:382
+#: src/config/SSSDConfig/__init__.py.in:385
msgid "Sudo rule runas attribute"
-msgstr ""
+msgstr "Атрибут runas правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:383
+#: src/config/SSSDConfig/__init__.py.in:386
msgid "Sudo rule runasuser attribute"
msgstr ""
"Атрибут користувача, від імені якого виконуватиметься запуск, правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:384
+#: src/config/SSSDConfig/__init__.py.in:387
msgid "Sudo rule runasgroup attribute"
msgstr "Атрибут групи, від імені якої виконуватиметься запуск, правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:385
+#: src/config/SSSDConfig/__init__.py.in:388
msgid "Sudo rule notbefore attribute"
msgstr "Атрибут граничного часу початку дії правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:386
+#: src/config/SSSDConfig/__init__.py.in:389
msgid "Sudo rule notafter attribute"
msgstr "Атрибут граничного часу завершення дії правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:387
+#: src/config/SSSDConfig/__init__.py.in:390
msgid "Sudo rule order attribute"
msgstr "Атрибут порядку правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:390
+#: src/config/SSSDConfig/__init__.py.in:393
msgid "Object class for automounter maps"
msgstr "Клас об’єктів для карт автоматичного монтування"
-#: src/config/SSSDConfig/__init__.py.in:391
+#: src/config/SSSDConfig/__init__.py.in:394
msgid "Automounter map name attribute"
msgstr "Атрибут назви карти автоматичного монтування"
-#: src/config/SSSDConfig/__init__.py.in:392
+#: src/config/SSSDConfig/__init__.py.in:395
msgid "Object class for automounter map entries"
msgstr "Клас об’єктів для записів карт автоматичного монтування"
-#: src/config/SSSDConfig/__init__.py.in:393
+#: src/config/SSSDConfig/__init__.py.in:396
msgid "Automounter map entry key attribute"
msgstr "Атрибут ключа запису карти автоматичного монтування"
-#: src/config/SSSDConfig/__init__.py.in:394
+#: src/config/SSSDConfig/__init__.py.in:397
msgid "Automounter map entry value attribute"
msgstr "Атрибут значення запису карти автоматичного монтування"
-#: src/config/SSSDConfig/__init__.py.in:395
+#: src/config/SSSDConfig/__init__.py.in:398
msgid "Base DN for automounter map lookups"
msgstr "Базовий сервер назв домену для пошуків карти автоматичного монтування"
-#: src/config/SSSDConfig/__init__.py.in:398
+#: src/config/SSSDConfig/__init__.py.in:401
msgid "Comma separated list of allowed users"
msgstr "Відокремлений комами список дозволених користувачів"
-#: src/config/SSSDConfig/__init__.py.in:399
+#: src/config/SSSDConfig/__init__.py.in:402
msgid "Comma separated list of prohibited users"
msgstr "Відокремлений комами список заборонених користувачів"
-#: src/config/SSSDConfig/__init__.py.in:402
+#: src/config/SSSDConfig/__init__.py.in:405
msgid "Default shell, /bin/bash"
msgstr "Типова оболонка, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:403
+#: src/config/SSSDConfig/__init__.py.in:406
msgid "Base for home directories"
msgstr "Базова адреса домашніх каталогів"
-#: src/config/SSSDConfig/__init__.py.in:406
+#: src/config/SSSDConfig/__init__.py.in:409
msgid "The name of the NSS library to use"
msgstr "Назва бібліотеки NSS, яку слід використовувати"
-#: src/config/SSSDConfig/__init__.py.in:407
+#: src/config/SSSDConfig/__init__.py.in:410
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
"Визначає, чи слід виконувати пошук канонічної назви групи у кеші, якщо це "
"можливо"
-#: src/config/SSSDConfig/__init__.py.in:410
+#: src/config/SSSDConfig/__init__.py.in:413
msgid "PAM stack to use"
msgstr "Стек PAM, який слід використовувати"
@@ -1321,29 +1349,29 @@ msgstr "Вказати нетиповий файл налаштувань"
msgid "Print version number and exit"
msgstr "Вивести номер версії і завершити роботу"
-#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:589
+#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:609
#: src/util/util.h:108
msgid "Debug level"
msgstr "Рівень зневаджування"
-#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:591
+#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:611
#: src/util/util.h:114
msgid "Add debug timestamps"
msgstr "Додавати діагностичні часові позначки"
-#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:593
+#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:613
#: src/util/util.h:116
msgid "Show timestamps with microseconds"
msgstr "Показувати мікросекунди у часових позначках"
-#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:595
+#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:615
msgid "An open file descriptor for the debug logs"
msgstr "Дескриптор відкритого файла для запису журналів діагностики"
-#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:597
+#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:617
#: src/util/util.h:112
msgid "Send the debug output to stderr directly."
-msgstr ""
+msgstr "Надіслати діагностичну інформацію безпосередньо до stderr."
#: src/providers/krb5/krb5_child.c:2353
msgid "The user to create FAST ccache as"
@@ -1353,69 +1381,78 @@ msgstr ""
msgid "The group to create FAST ccache as"
msgstr ""
-#: src/providers/data_provider_be.c:2833
+#: src/providers/data_provider_be.c:2834
msgid "Domain of the information provider (mandatory)"
msgstr "Домен надання відомостей (обов’язковий)"
-#: src/sss_client/common.c:969
+#: src/sss_client/common.c:971
msgid "Privileged socket has wrong ownership or permissions."
msgstr "У привілейованого сокета помилковий власник або права доступу."
-#: src/sss_client/common.c:972
+#: src/sss_client/common.c:974
msgid "Public socket has wrong ownership or permissions."
msgstr "У відкритого сокета помилковий власник або права доступу."
-#: src/sss_client/common.c:975
+#: src/sss_client/common.c:977
msgid "Unexpected format of the server credential message."
msgstr "Некоректний формат повідомлення щодо реєстраційних даних сервера."
-#: src/sss_client/common.c:978
+#: src/sss_client/common.c:980
msgid "SSSD is not run by root."
msgstr "SSSD запущено не від імені користувача root."
-#: src/sss_client/common.c:983
+#: src/sss_client/common.c:985
msgid "An error occurred, but no description can be found."
msgstr "Сталася помилка, але не вдалося знайти її опису."
-#: src/sss_client/common.c:989
+#: src/sss_client/common.c:991
msgid "Unexpected error while looking for an error description"
msgstr "Неочікувана помилка під час пошуку опису помилки"
-#: src/sss_client/pam_sss.c:398
+#: src/sss_client/pam_sss.c:63
+msgid "Permission denied. "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:64 src/sss_client/pam_sss.c:883
+#: src/sss_client/pam_sss.c:894
+msgid "Server message: "
+msgstr "Повідомлення сервера: "
+
+#: src/sss_client/pam_sss.c:401
msgid "Passwords do not match"
msgstr "Паролі не збігаються"
-#: src/sss_client/pam_sss.c:586
+#: src/sss_client/pam_sss.c:589
msgid "Password reset by root is not supported."
msgstr "Підтримки скидання пароля користувачем root не передбачено."
-#: src/sss_client/pam_sss.c:627
+#: src/sss_client/pam_sss.c:630
msgid "Authenticated with cached credentials"
msgstr "Розпізнано за реєстраційними даними з кешу"
-#: src/sss_client/pam_sss.c:628
+#: src/sss_client/pam_sss.c:631
msgid ", your cached password will expire at: "
msgstr ", строк дії вашого кешованого пароля завершиться: "
-#: src/sss_client/pam_sss.c:658
+#: src/sss_client/pam_sss.c:661
#, c-format
msgid "Your password has expired. You have %1$d grace login(s) remaining."
msgstr "Строк дії вашого пароля вичерпано. Залишилося %1$d резервних входи."
-#: src/sss_client/pam_sss.c:704
+#: src/sss_client/pam_sss.c:707
#, c-format
msgid "Your password will expire in %1$d %2$s."
msgstr "Строк дії вашого пароля завершиться за %1$d %2$s."
-#: src/sss_client/pam_sss.c:753
+#: src/sss_client/pam_sss.c:756
msgid "Authentication is denied until: "
msgstr "Розпізнавання заборонено до: "
-#: src/sss_client/pam_sss.c:774
+#: src/sss_client/pam_sss.c:777
msgid "System is offline, password change not possible"
msgstr "Система працює у автономному режимі, зміна пароля неможлива"
-#: src/sss_client/pam_sss.c:789
+#: src/sss_client/pam_sss.c:792
msgid ""
"After changing the OTP password, you need to log out and back in order to "
"acquire a ticket"
@@ -1423,31 +1460,27 @@ msgstr ""
"Після зміни пароля OTP вам слід вийти із системи і увійти до неї знову, щоб "
"отримати про квиток"
-#: src/sss_client/pam_sss.c:820 src/sss_client/pam_sss.c:833
+#: src/sss_client/pam_sss.c:880 src/sss_client/pam_sss.c:893
msgid "Password change failed. "
msgstr "Спроба зміни пароля зазнала невдачі. "
-#: src/sss_client/pam_sss.c:823 src/sss_client/pam_sss.c:834
-msgid "Server message: "
-msgstr "Повідомлення сервера: "
-
-#: src/sss_client/pam_sss.c:1274
+#: src/sss_client/pam_sss.c:1336
msgid "New Password: "
msgstr "Новий пароль: "
-#: src/sss_client/pam_sss.c:1275
+#: src/sss_client/pam_sss.c:1337
msgid "Reenter new Password: "
msgstr "Ще раз введіть новий пароль: "
-#: src/sss_client/pam_sss.c:1374
+#: src/sss_client/pam_sss.c:1436
msgid "Password: "
msgstr "Пароль: "
-#: src/sss_client/pam_sss.c:1406
+#: src/sss_client/pam_sss.c:1468
msgid "Current Password: "
msgstr "Поточний пароль: "
-#: src/sss_client/pam_sss.c:1582
+#: src/sss_client/pam_sss.c:1644
msgid "Password expired. Change your password now."
msgstr "Строк дії пароля вичерпано. Змініть ваш пароль."
@@ -1998,11 +2031,11 @@ msgstr "Скасувати визначення всіх карт autofs"
#: src/tools/sss_cache.c:614
msgid "Invalidate particular SSH host"
-msgstr ""
+msgstr "Скасувати чинність певного вузла SSH"
#: src/tools/sss_cache.c:616
msgid "Invalidate all SSH hosts"
-msgstr ""
+msgstr "Скасувати чинність усіх вузлів SSH"
#: src/tools/sss_cache.c:619
msgid "Only invalidate entries from a particular domain"
diff --git a/po/zh-CN.po b/po/zh-CN.po
new file mode 100644
index 000000000..60c1b1491
--- /dev/null
+++ b/po/zh-CN.po
@@ -0,0 +1,1899 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR Red Hat, Inc.
+# This file is distributed under the same license as the PACKAGE package.
+#
+# Translators:
+# Christopher Meng <cickumqt@gmail.com>, 2012
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
+"POT-Creation-Date: 2014-10-20 16:37+0200\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"PO-Revision-Date: 2014-06-04 02:04-0400\n"
+"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
+"Language-Team: Chinese (China) (http://www.transifex.com/projects/p/sssd/"
+"language/zh_CN/)\n"
+"Language: zh-CN\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+"X-Generator: Zanata 3.5.1\n"
+
+#: src/config/SSSDConfig/__init__.py.in:40
+msgid "Set the verbosity of the debug logging"
+msgstr "设定调试日志记录等级"
+
+#: src/config/SSSDConfig/__init__.py.in:41
+msgid "Include timestamps in debug logs"
+msgstr "在调试日志中包含时间戳"
+
+#: src/config/SSSDConfig/__init__.py.in:42
+msgid "Include microseconds in timestamps in debug logs"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:43
+msgid "Write debug messages to logfiles"
+msgstr "写入调试信息到日志文件"
+
+#: src/config/SSSDConfig/__init__.py.in:44
+msgid "Ping timeout before restarting service"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:45
+msgid ""
+"Timeout between three failed ping checks and forcibly killing the service"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:46
+msgid "Command to start service"
+msgstr "启动服务命令"
+
+#: src/config/SSSDConfig/__init__.py.in:47
+msgid "Number of times to attempt connection to Data Providers"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:48
+msgid "The number of file descriptors that may be opened by this responder"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:49
+msgid "Idle time before automatic disconnection of a client"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:52
+msgid "SSSD Services to start"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:53
+msgid "SSSD Domains to start"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:54
+msgid "Timeout for messages sent over the SBUS"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:55
+msgid "Regex to parse username and domain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:56
+msgid "Printf-compatible format for displaying fully-qualified names"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:57
+msgid ""
+"Directory on the filesystem where SSSD should store Kerberos replay cache "
+"files."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:58
+msgid "Domain to add to names without a domain component."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:61
+msgid "Enumeration cache timeout length (seconds)"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:62
+msgid "Entry cache background update timeout length (seconds)"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:63
+#: src/config/SSSDConfig/__init__.py.in:92
+msgid "Negative cache timeout length (seconds)"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:64
+msgid "Users that SSSD should explicitly ignore"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:65
+msgid "Groups that SSSD should explicitly ignore"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:66
+msgid "Should filtered users appear in groups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:67
+msgid "The value of the password field the NSS provider should return"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:68
+msgid "Override homedir value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:69
+msgid ""
+"Substitute empty homedir value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:70
+msgid "Override shell value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:71
+msgid "The list of shells users are allowed to log in with"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:72
+msgid ""
+"The list of shells that will be vetoed, and replaced with the fallback shell"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:73
+msgid ""
+"If a shell stored in central directory is allowed but not available, use "
+"this fallback"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:74
+msgid "Shell to use if the provider does not list one"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:75
+msgid "How long will be in-memory cache records valid"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:76
+msgid "All spaces in group or user names will be replaced with this character"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:79
+msgid "How long to allow cached logins between online logins (days)"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:80
+msgid "How many failed logins attempts are allowed when offline"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:81
+msgid ""
+"How long (minutes) to deny login after offline_failed_login_attempts has "
+"been reached"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:82
+msgid "What kind of messages are displayed to the user during authentication"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:83
+msgid "How many seconds to keep identity information cached for PAM requests"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:84
+msgid "How many days before password expiration a warning should be displayed"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:85
+msgid "List of trusted uids or user's name"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:86
+msgid "List of domains accessible even for untrusted users."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:89
+msgid "Whether to evaluate the time-based attributes in sudo rules"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:95
+msgid "Whether to hash host names and addresses in the known_hosts file"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:96
+msgid ""
+"How many seconds to keep a host in the known_hosts file after its host keys "
+"were requested"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:99
+msgid "List of UIDs or user names allowed to access the PAC responder"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:102
+msgid "List of UIDs or user names allowed to access the InfoPipe responder"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:103
+msgid "List of user attributes the InfoPipe is allowed to publish"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:106
+msgid "Identity provider"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:107
+msgid "Authentication provider"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:108
+msgid "Access control provider"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:109
+msgid "Password change provider"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:110
+msgid "SUDO provider"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:111
+msgid "Autofs provider"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:112
+msgid "Session-loading provider"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:113
+msgid "Host identity provider"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:116
+msgid "Minimum user ID"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:117
+msgid "Maximum user ID"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:118
+msgid "Enable enumerating all users/groups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:119
+msgid "Cache credentials for offline login"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:120
+msgid "Store password hashes"
+msgstr "保存密码哈希值"
+
+#: src/config/SSSDConfig/__init__.py.in:121
+msgid "Display users/groups in fully-qualified form"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:122
+msgid "Don't include group members in group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:123
+#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:135
+msgid "Entry cache timeout length (seconds)"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:124
+msgid ""
+"Restrict or prefer a specific address family when performing DNS lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:125
+msgid "How long to keep cached entries after last successful login (days)"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:126
+msgid "How long to wait for replies from DNS when resolving servers (seconds)"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:127
+msgid "The domain part of service discovery DNS query"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:128
+msgid "Override GID value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:129
+msgid "Treat usernames as case sensitive"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:136
+msgid "How often should expired entries be refreshed in background"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:137
+msgid "Whether to automatically update the client's DNS entry"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:153
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:154
+msgid "The interface whose IP should be used for dynamic DNS updates"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:140
+msgid "How often to periodically update the client's DNS entry"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:141
+msgid "Whether the provider should explicitly update the PTR record as well"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:142
+msgid "Whether the nsupdate utility should default to using TCP"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:143
+msgid "What kind of authentication should be used to perform the DNS update"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:144
+msgid "Control enumeration of trusted domains"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:145
+msgid "How often should subdomains list be refreshed"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:148
+msgid "IPA domain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:149
+msgid "IPA server address"
+msgstr "IPA 服务器地址"
+
+#: src/config/SSSDConfig/__init__.py.in:150
+msgid "Address of backup IPA server"
+msgstr "IPA 备份服务器地址"
+
+#: src/config/SSSDConfig/__init__.py.in:151
+msgid "IPA client hostname"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:152
+msgid "Whether to automatically update the client's DNS entry in FreeIPA"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:155
+msgid "Search base for HBAC related objects"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:156
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:157
+msgid ""
+"The amount of time in seconds between lookups of the SELinux maps against "
+"the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:158
+msgid "If DENY rules are present, either DENY_ALL or IGNORE"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:159
+msgid "If set to false, host argument given by PAM will be ignored"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:160
+msgid "The automounter location this IPA client is using"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:161
+msgid "Search base for object containing info about IPA domain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:162
+msgid "Search base for objects containing info about ID ranges"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:177
+msgid "Enable DNS sites - location based service discovery"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:164
+msgid "Search base for view containers"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:165
+msgid "Objectclass for view containers"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:166
+msgid "Attribute with the name of the view"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:167
+msgid "Objectclass for override objects"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:168
+msgid "Attribute with the reference to the original object"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:169
+msgid "Objectclass for user override objects"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:170
+msgid "Objectclass for group override objects"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:173
+msgid "Active Directory domain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:174
+msgid "Active Directory server address"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:175
+msgid "Active Directory backup server address"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:176
+msgid "Active Directory client hostname"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:348
+msgid "LDAP filter to determine access privileges"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:179
+msgid "Whether to use the Global Catalog for lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:180
+msgid "Operation mode for GPO-based access control"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:181
+msgid ""
+"The amount of time between lookups of the GPO policy files against the AD "
+"server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:182
+msgid ""
+"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy "
+"settings"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:183
+msgid ""
+"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight "
+"policy settings"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:184
+msgid ""
+"PAM service names that map to the GPO (Deny)NetworkLogonRight policy "
+"settings"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:185
+msgid ""
+"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:186
+msgid ""
+"PAM service names that map to the GPO (Deny)ServiceLogonRight policy "
+"settings"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:187
+msgid "PAM service names for which GPO-based access is always granted"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:188
+msgid "PAM service names for which GPO-based access is always denied"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:189
+msgid ""
+"Default logon right (or permit/deny) to use for unmapped PAM service names"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:192
+msgid "Kerberos server address"
+msgstr "Kerberos 服务器地址"
+
+#: src/config/SSSDConfig/__init__.py.in:193
+msgid "Kerberos backup server address"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:194
+msgid "Kerberos realm"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:195
+msgid "Authentication timeout"
+msgstr "验证超时"
+
+#: src/config/SSSDConfig/__init__.py.in:196
+msgid "Whether to create kdcinfo files"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:199
+msgid "Directory to store credential caches"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:200
+msgid "Location of the user's credential cache"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:201
+msgid "Location of the keytab to validate credentials"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:202
+msgid "Enable credential validation"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:203
+msgid "Store password if offline for later online authentication"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:204
+msgid "Renewable lifetime of the TGT"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:205
+msgid "Lifetime of the TGT"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:206
+msgid "Time between two checks for renewal"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:207
+msgid "Enables FAST"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:208
+msgid "Selects the principal to use for FAST"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:209
+msgid "Enables principal canonicalization"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:210
+msgid "Enables enterprise principals"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:214
+msgid "Server where the change password service is running if not on the KDC"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:217
+msgid "ldap_uri, The URI of the LDAP server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:218
+msgid "ldap_backup_uri, The URI of the LDAP server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:219
+msgid "The default base DN"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:220
+msgid "The Schema Type in use on the LDAP server, rfc2307"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:221
+msgid "The default bind DN"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:222
+msgid "The type of the authentication token of the default bind DN"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:223
+msgid "The authentication token of the default bind DN"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:224
+msgid "Length of time to attempt connection"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:225
+msgid "Length of time to attempt synchronous LDAP operations"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:226
+msgid "Length of time between attempts to reconnect while offline"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:227
+msgid "Use only the upper case for realm names"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:228
+msgid "File that contains CA certificates"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:229
+msgid "Path to CA certificate directory"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:230
+msgid "File that contains the client certificate"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:231
+msgid "File that contains the client key"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:232
+msgid "List of possible ciphers suites"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:233
+msgid "Require TLS certificate verification"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:234
+msgid "Specify the sasl mechanism to use"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:235
+msgid "Specify the sasl authorization id to use"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:236
+msgid "Specify the sasl authorization realm to use"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:237
+msgid "Specify the minimal SSF for LDAP sasl authorization"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:238
+msgid "Kerberos service keytab"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:239
+msgid "Use Kerberos auth for LDAP connection"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:240
+msgid "Follow LDAP referrals"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:241
+msgid "Lifetime of TGT for LDAP connection"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:242
+msgid "How to dereference aliases"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:243
+msgid "Service name for DNS service lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:244
+msgid "The number of records to retrieve in a single LDAP query"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:245
+msgid "The number of members that must be missing to trigger a full deref"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:246
+msgid ""
+"Whether the LDAP library should perform a reverse lookup to canonicalize the "
+"host name during a SASL bind"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:248
+msgid "entryUSN attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:249
+msgid "lastUSN attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:251
+msgid ""
+"How long to retain a connection to the LDAP server before disconnecting"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:253
+msgid "Disable the LDAP paging control"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:254
+msgid "Disable Active Directory range retrieval"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:257
+msgid "Length of time to wait for a search request"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:258
+msgid "Length of time to wait for a enumeration request"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:259
+msgid "Length of time between enumeration updates"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:260
+msgid "Length of time between cache cleanups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:261
+msgid "Require TLS for ID lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:262
+msgid "Use ID-mapping of objectSID instead of pre-set IDs"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:263
+msgid "Base DN for user lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:264
+msgid "Scope of user lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:265
+msgid "Filter for user lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:266
+msgid "Objectclass for users"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:267
+msgid "Username attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:269
+msgid "UID attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:270
+msgid "Primary GID attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:271
+msgid "GECOS attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:272
+msgid "Home directory attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:273
+msgid "Shell attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:310
+msgid "objectSID attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:275
+msgid "Active Directory primary group attribute for ID-mapping"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:276
+msgid "User principal attribute (for Kerberos)"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:277
+msgid "Full Name"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:278
+msgid "memberOf attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:279
+msgid "Modification time attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:281
+msgid "shadowLastChange attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:282
+msgid "shadowMin attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:283
+msgid "shadowMax attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:284
+msgid "shadowWarning attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:285
+msgid "shadowInactive attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:286
+msgid "shadowExpire attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:287
+msgid "shadowFlag attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:288
+msgid "Attribute listing authorized PAM services"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:289
+msgid "Attribute listing authorized server hosts"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:290
+msgid "krbLastPwdChange attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:291
+msgid "krbPasswordExpiration attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:292
+msgid "Attribute indicating that server side password policies are active"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:293
+msgid "accountExpires attribute of AD"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:294
+msgid "userAccountControl attribute of AD"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:295
+msgid "nsAccountLock attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:296
+msgid "loginDisabled attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:297
+msgid "loginExpirationTime attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:298
+msgid "loginAllowedTimeMap attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:299
+msgid "SSH public key attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:300
+msgid "A list of extra attributes to download along with the user entry"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:302
+msgid "Base DN for group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:305
+msgid "Objectclass for groups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:306
+msgid "Group name"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:307
+msgid "Group password"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:308
+msgid "GID attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:309
+msgid "Group member attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:311
+msgid "Modification time attribute for groups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:312
+msgid "Type of the group and other flags"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:314
+msgid "Maximum nesting level SSSd will follow"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:316
+msgid "Base DN for netgroup lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:317
+msgid "Objectclass for netgroups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:318
+msgid "Netgroup name"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:319
+msgid "Netgroups members attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:320
+msgid "Netgroup triple attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:321
+msgid "Modification time attribute for netgroups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:323
+msgid "Base DN for service lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:324
+msgid "Objectclass for services"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:325
+msgid "Service name attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:326
+msgid "Service port attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:327
+msgid "Service protocol attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:330
+msgid "Lower bound for ID-mapping"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:331
+msgid "Upper bound for ID-mapping"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:332
+msgid "Number of IDs for each slice when ID-mapping"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:333
+msgid "Use autorid-compatible algorithm for ID-mapping"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:334
+msgid "Name of the default domain for ID-mapping"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:335
+msgid "SID of the default domain for ID-mapping"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:337
+msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:338
+msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:339
+msgid "Whether to use Token-Groups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:340
+msgid "Set lower boundary for allowed IDs from the LDAP server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:341
+msgid "Set upper boundary for allowed IDs from the LDAP server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:342
+msgid "DN for ppolicy queries"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:345
+msgid "Policy to evaluate the password expiration"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:349
+msgid "Which attributes shall be used to evaluate if an account is expired"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:350
+msgid "Which rules should be used to evaluate access control"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:353
+msgid "URI of an LDAP server where password changes are allowed"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:354
+msgid "URI of a backup LDAP server where password changes are allowed"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:355
+msgid "DNS service name for LDAP password change server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:356
+msgid ""
+"Whether to update the ldap_user_shadow_last_change attribute after a "
+"password change"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:359
+msgid "Base DN for sudo rules lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:360
+msgid "Automatic full refresh period"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:361
+msgid "Automatic smart refresh period"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:362
+msgid "Whether to filter rules by hostname, IP addresses and network"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:363
+msgid ""
+"Hostnames and/or fully qualified domain names of this machine to filter sudo "
+"rules"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:364
+msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:365
+msgid "Whether to include rules that contains netgroup in host attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:366
+msgid ""
+"Whether to include rules that contains regular expression in host attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:367
+msgid "Object class for sudo rules"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:368
+msgid "Sudo rule name"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:369
+msgid "Sudo rule command attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:370
+msgid "Sudo rule host attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:371
+msgid "Sudo rule user attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:372
+msgid "Sudo rule option attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:373
+msgid "Sudo rule runas attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:374
+msgid "Sudo rule runasuser attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:375
+msgid "Sudo rule runasgroup attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:376
+msgid "Sudo rule notbefore attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:377
+msgid "Sudo rule notafter attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:378
+msgid "Sudo rule order attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:381
+msgid "Object class for automounter maps"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:382
+msgid "Automounter map name attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:383
+msgid "Object class for automounter map entries"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:384
+msgid "Automounter map entry key attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:385
+msgid "Automounter map entry value attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:386
+msgid "Base DN for automounter map lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:389
+msgid "Comma separated list of allowed users"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:390
+msgid "Comma separated list of prohibited users"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:393
+msgid "Default shell, /bin/bash"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:394
+msgid "Base for home directories"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:397
+msgid "The name of the NSS library to use"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:398
+msgid "Whether to look up canonical group name from cache if possible"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:401
+msgid "PAM stack to use"
+msgstr ""
+
+#: src/monitor/monitor.c:2680
+msgid "Become a daemon (default)"
+msgstr ""
+
+#: src/monitor/monitor.c:2682
+msgid "Run interactive (not a daemon)"
+msgstr ""
+
+#: src/monitor/monitor.c:2684 src/tools/sss_debuglevel.c:71
+msgid "Specify a non-default config file"
+msgstr ""
+
+#: src/monitor/monitor.c:2686
+msgid "Print version number and exit"
+msgstr ""
+
+#: src/providers/krb5/krb5_child.c:1975 src/providers/ldap/ldap_child.c:480
+#: src/util/util.h:108
+msgid "Debug level"
+msgstr ""
+
+#: src/providers/krb5/krb5_child.c:1977 src/providers/ldap/ldap_child.c:482
+#: src/util/util.h:114
+msgid "Add debug timestamps"
+msgstr ""
+
+#: src/providers/krb5/krb5_child.c:1979 src/providers/ldap/ldap_child.c:484
+#: src/util/util.h:116
+msgid "Show timestamps with microseconds"
+msgstr ""
+
+#: src/providers/krb5/krb5_child.c:1981 src/providers/ldap/ldap_child.c:486
+msgid "An open file descriptor for the debug logs"
+msgstr ""
+
+#: src/providers/krb5/krb5_child.c:1984 src/providers/ldap/ldap_child.c:488
+#: src/util/util.h:112
+msgid "Send the debug output to stderr directly."
+msgstr ""
+
+#: src/providers/data_provider_be.c:2812
+msgid "Domain of the information provider (mandatory)"
+msgstr ""
+
+#: src/sss_client/common.c:946
+msgid "Privileged socket has wrong ownership or permissions."
+msgstr ""
+
+#: src/sss_client/common.c:949
+msgid "Public socket has wrong ownership or permissions."
+msgstr ""
+
+#: src/sss_client/common.c:952
+msgid "Unexpected format of the server credential message."
+msgstr ""
+
+#: src/sss_client/common.c:955
+msgid "SSSD is not run by root."
+msgstr ""
+
+#: src/sss_client/common.c:960
+msgid "An error occurred, but no description can be found."
+msgstr ""
+
+#: src/sss_client/common.c:966
+msgid "Unexpected error while looking for an error description"
+msgstr ""
+
+#: src/sss_client/pam_sss.c:393
+msgid "Passwords do not match"
+msgstr ""
+
+#: src/sss_client/pam_sss.c:581
+msgid "Password reset by root is not supported."
+msgstr ""
+
+#: src/sss_client/pam_sss.c:622
+msgid "Authenticated with cached credentials"
+msgstr ""
+
+#: src/sss_client/pam_sss.c:623
+msgid ", your cached password will expire at: "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:653
+#, c-format
+msgid "Your password has expired. You have %1$d grace login(s) remaining."
+msgstr ""
+
+#: src/sss_client/pam_sss.c:699
+#, c-format
+msgid "Your password will expire in %1$d %2$s."
+msgstr ""
+
+#: src/sss_client/pam_sss.c:748
+msgid "Authentication is denied until: "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:769
+msgid "System is offline, password change not possible"
+msgstr ""
+
+#: src/sss_client/pam_sss.c:784
+msgid ""
+"After changing the OTP password, you need to log out and back in order to "
+"acquire a ticket"
+msgstr ""
+
+#: src/sss_client/pam_sss.c:815 src/sss_client/pam_sss.c:828
+msgid "Password change failed. "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:818 src/sss_client/pam_sss.c:829
+msgid "Server message: "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:1260
+msgid "New Password: "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:1261
+msgid "Reenter new Password: "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:1360
+msgid "Password: "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:1392
+msgid "Current Password: "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:1562
+msgid "Password expired. Change your password now."
+msgstr ""
+
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:40
+#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
+#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
+#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:655
+#: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:586 src/tools/sss_debuglevel.c:69
+msgid "The debug level to run with"
+msgstr ""
+
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:42
+#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:196
+msgid "The SSSD domain to use"
+msgstr ""
+
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:74
+#: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54
+#: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:667
+#: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79
+#: src/tools/sss_cache.c:626
+msgid "Error setting the locale\n"
+msgstr ""
+
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64
+msgid "Not enough memory\n"
+msgstr ""
+
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83
+msgid "User not specified\n"
+msgstr ""
+
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:92
+msgid "Error looking up public keys\n"
+msgstr ""
+
+#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:194
+msgid "The port to use to connect to the host"
+msgstr ""
+
+#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:238
+msgid "Invalid port\n"
+msgstr "无效端口\n"
+
+#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:243
+msgid "Host not specified\n"
+msgstr ""
+
+#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:249
+msgid "The path to the proxy command must be absolute\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48
+msgid "The UID of the user"
+msgstr ""
+
+#: src/tools/sss_useradd.c:50 src/tools/sss_usermod.c:50
+msgid "The comment string"
+msgstr ""
+
+#: src/tools/sss_useradd.c:51 src/tools/sss_usermod.c:51
+msgid "Home directory"
+msgstr ""
+
+#: src/tools/sss_useradd.c:52 src/tools/sss_usermod.c:52
+msgid "Login shell"
+msgstr ""
+
+#: src/tools/sss_useradd.c:53
+msgid "Groups"
+msgstr ""
+
+#: src/tools/sss_useradd.c:54
+msgid "Create user's directory if it does not exist"
+msgstr ""
+
+#: src/tools/sss_useradd.c:55
+msgid "Never create user's directory, overrides config"
+msgstr ""
+
+#: src/tools/sss_useradd.c:56
+msgid "Specify an alternative skeleton directory"
+msgstr ""
+
+#: src/tools/sss_useradd.c:57 src/tools/sss_usermod.c:60
+msgid "The SELinux user for user's login"
+msgstr ""
+
+#: src/tools/sss_useradd.c:87 src/tools/sss_groupmod.c:79
+#: src/tools/sss_usermod.c:92
+msgid "Specify group to add to\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:111
+msgid "Specify user to add\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
+#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
+#: src/tools/sss_groupshow.c:701 src/tools/sss_userdel.c:198
+#: src/tools/sss_usermod.c:162
+msgid "Error initializing the tools - no local domain\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:123 src/tools/sss_groupadd.c:88
+#: src/tools/sss_groupdel.c:82 src/tools/sss_groupmod.c:115
+#: src/tools/sss_groupshow.c:703 src/tools/sss_userdel.c:200
+#: src/tools/sss_usermod.c:164
+msgid "Error initializing the tools\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:132 src/tools/sss_groupadd.c:97
+#: src/tools/sss_groupdel.c:91 src/tools/sss_groupmod.c:123
+#: src/tools/sss_groupshow.c:712 src/tools/sss_userdel.c:209
+#: src/tools/sss_usermod.c:173
+msgid "Invalid domain specified in FQDN\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:142 src/tools/sss_groupmod.c:144
+#: src/tools/sss_groupmod.c:173 src/tools/sss_usermod.c:197
+#: src/tools/sss_usermod.c:226
+msgid "Internal error while parsing parameters\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:151 src/tools/sss_usermod.c:206
+#: src/tools/sss_usermod.c:235
+msgid "Groups must be in the same domain as user\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:159
+#, c-format
+msgid "Cannot find group %1$s in local domain\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:174 src/tools/sss_userdel.c:219
+msgid "Cannot set default values\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:181 src/tools/sss_usermod.c:187
+msgid "The selected UID is outside the allowed range\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:210 src/tools/sss_usermod.c:305
+msgid "Cannot set SELinux login context\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:224
+msgid "Cannot get info about the user\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:236
+msgid "User's home directory already exists, not copying data from skeldir\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:239
+#, c-format
+msgid "Cannot create user's home directory: %1$s\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:250
+#, c-format
+msgid "Cannot create user's mail spool: %1$s\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:270
+msgid "Could not allocate ID for the user - domain full?\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:274
+msgid "A user or group with the same name or ID already exists\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:280
+msgid "Transaction error. Could not add user.\n"
+msgstr ""
+
+#: src/tools/sss_groupadd.c:43 src/tools/sss_groupmod.c:48
+msgid "The GID of the group"
+msgstr ""
+
+#: src/tools/sss_groupadd.c:76
+msgid "Specify group to add\n"
+msgstr ""
+
+#: src/tools/sss_groupadd.c:106 src/tools/sss_groupmod.c:198
+msgid "The selected GID is outside the allowed range\n"
+msgstr ""
+
+#: src/tools/sss_groupadd.c:143
+msgid "Could not allocate ID for the group - domain full?\n"
+msgstr ""
+
+#: src/tools/sss_groupadd.c:147
+msgid "A group with the same name or GID already exists\n"
+msgstr ""
+
+#: src/tools/sss_groupadd.c:153
+msgid "Transaction error. Could not add group.\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:70
+msgid "Specify group to delete\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:104
+#, c-format
+msgid "Group %1$s is outside the defined ID range for domain\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:119 src/tools/sss_groupmod.c:225
+#: src/tools/sss_groupmod.c:232 src/tools/sss_groupmod.c:239
+#: src/tools/sss_userdel.c:295 src/tools/sss_usermod.c:282
+#: src/tools/sss_usermod.c:289 src/tools/sss_usermod.c:296
+#, c-format
+msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:132
+msgid ""
+"No such group in local domain. Removing groups only allowed in local domain."
+"\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:137
+msgid "Internal error. Could not remove group.\n"
+msgstr ""
+
+#: src/tools/sss_groupmod.c:44
+msgid "Groups to add this group to"
+msgstr ""
+
+#: src/tools/sss_groupmod.c:46
+msgid "Groups to remove this group from"
+msgstr ""
+
+#: src/tools/sss_groupmod.c:87 src/tools/sss_usermod.c:100
+msgid "Specify group to remove from\n"
+msgstr ""
+
+#: src/tools/sss_groupmod.c:101
+msgid "Specify group to modify\n"
+msgstr ""
+
+#: src/tools/sss_groupmod.c:130
+msgid ""
+"Cannot find group in local domain, modifying groups is allowed only in local "
+"domain\n"
+msgstr ""
+
+#: src/tools/sss_groupmod.c:153 src/tools/sss_groupmod.c:182
+msgid "Member groups must be in the same domain as parent group\n"
+msgstr ""
+
+#: src/tools/sss_groupmod.c:161 src/tools/sss_groupmod.c:190
+#: src/tools/sss_usermod.c:214 src/tools/sss_usermod.c:243
+#, c-format
+msgid ""
+"Cannot find group %1$s in local domain, only groups in local domain are "
+"allowed\n"
+msgstr ""
+
+#: src/tools/sss_groupmod.c:257
+msgid "Could not modify group - check if member group names are correct\n"
+msgstr ""
+
+#: src/tools/sss_groupmod.c:261
+msgid "Could not modify group - check if groupname is correct\n"
+msgstr ""
+
+#: src/tools/sss_groupmod.c:265
+msgid "Transaction error. Could not modify group.\n"
+msgstr ""
+
+#: src/tools/sss_groupshow.c:602
+#, c-format
+msgid "%1$s%2$sGroup: %3$s\n"
+msgstr ""
+
+#: src/tools/sss_groupshow.c:603
+msgid "Magic Private "
+msgstr ""
+
+#: src/tools/sss_groupshow.c:605
+#, c-format
+msgid "%1$sGID number: %2$d\n"
+msgstr ""
+
+#: src/tools/sss_groupshow.c:607
+#, c-format
+msgid "%1$sMember users: "
+msgstr ""
+
+#: src/tools/sss_groupshow.c:614
+#, c-format
+msgid "\n"
+"%1$sIs a member of: "
+msgstr ""
+
+#: src/tools/sss_groupshow.c:621
+#, c-format
+msgid "\n"
+"%1$sMember groups: "
+msgstr ""
+
+#: src/tools/sss_groupshow.c:657
+msgid "Print indirect group members recursively"
+msgstr ""
+
+#: src/tools/sss_groupshow.c:691
+msgid "Specify group to show\n"
+msgstr ""
+
+#: src/tools/sss_groupshow.c:731
+msgid ""
+"No such group in local domain. Printing groups only allowed in local domain."
+"\n"
+msgstr ""
+
+#: src/tools/sss_groupshow.c:736
+msgid "Internal error. Could not print group.\n"
+msgstr ""
+
+#: src/tools/sss_userdel.c:136
+msgid "Remove home directory and mail spool"
+msgstr ""
+
+#: src/tools/sss_userdel.c:138
+msgid "Do not remove home directory and mail spool"
+msgstr ""
+
+#: src/tools/sss_userdel.c:140
+msgid "Force removal of files not owned by the user"
+msgstr ""
+
+#: src/tools/sss_userdel.c:142
+msgid "Kill users' processes before removing him"
+msgstr ""
+
+#: src/tools/sss_userdel.c:188
+msgid "Specify user to delete\n"
+msgstr ""
+
+#: src/tools/sss_userdel.c:234
+#, c-format
+msgid "User %1$s is outside the defined ID range for domain\n"
+msgstr ""
+
+#: src/tools/sss_userdel.c:259
+msgid "Cannot reset SELinux login context\n"
+msgstr ""
+
+#: src/tools/sss_userdel.c:271
+#, c-format
+msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
+msgstr ""
+
+#: src/tools/sss_userdel.c:276
+msgid "Cannot determine if the user was logged in on this platform"
+msgstr ""
+
+#: src/tools/sss_userdel.c:281
+msgid "Error while checking if the user was logged in\n"
+msgstr ""
+
+#: src/tools/sss_userdel.c:288
+#, c-format
+msgid "The post-delete command failed: %1$s\n"
+msgstr ""
+
+#: src/tools/sss_userdel.c:308
+msgid "Not removing home dir - not owned by user\n"
+msgstr ""
+
+#: src/tools/sss_userdel.c:310
+#, c-format
+msgid "Cannot remove homedir: %1$s\n"
+msgstr ""
+
+#: src/tools/sss_userdel.c:324
+msgid ""
+"No such user in local domain. Removing users only allowed in local domain.\n"
+msgstr ""
+
+#: src/tools/sss_userdel.c:329
+msgid "Internal error. Could not remove user.\n"
+msgstr ""
+
+#: src/tools/sss_usermod.c:49
+msgid "The GID of the user"
+msgstr ""
+
+#: src/tools/sss_usermod.c:53
+msgid "Groups to add this user to"
+msgstr ""
+
+#: src/tools/sss_usermod.c:54
+msgid "Groups to remove this user from"
+msgstr ""
+
+#: src/tools/sss_usermod.c:55
+msgid "Lock the account"
+msgstr ""
+
+#: src/tools/sss_usermod.c:56
+msgid "Unlock the account"
+msgstr ""
+
+#: src/tools/sss_usermod.c:57
+msgid "Add an attribute/value pair. The format is attrname=value."
+msgstr ""
+
+#: src/tools/sss_usermod.c:58
+msgid "Delete an attribute/value pair. The format is attrname=value."
+msgstr ""
+
+#: src/tools/sss_usermod.c:59
+msgid ""
+"Set an attribute to a name/value pair. The format is attrname=value. For "
+"multi-valued attributes, the command replaces the values already present"
+msgstr ""
+
+#: src/tools/sss_usermod.c:117 src/tools/sss_usermod.c:126
+#: src/tools/sss_usermod.c:135
+msgid "Specify the attribute name/value pair(s)\n"
+msgstr ""
+
+#: src/tools/sss_usermod.c:152
+msgid "Specify user to modify\n"
+msgstr ""
+
+#: src/tools/sss_usermod.c:180
+msgid ""
+"Cannot find user in local domain, modifying users is allowed only in local "
+"domain\n"
+msgstr ""
+
+#: src/tools/sss_usermod.c:322
+msgid "Could not modify user - check if group names are correct\n"
+msgstr ""
+
+#: src/tools/sss_usermod.c:326
+msgid "Could not modify user - user already member of groups?\n"
+msgstr ""
+
+#: src/tools/sss_usermod.c:330
+msgid "Transaction error. Could not modify user.\n"
+msgstr ""
+
+#: src/tools/sss_cache.c:188
+msgid "No cache object matched the specified search\n"
+msgstr ""
+
+#: src/tools/sss_cache.c:430
+#, c-format
+msgid "Couldn't invalidate %1$s"
+msgstr ""
+
+#: src/tools/sss_cache.c:437
+#, c-format
+msgid "Couldn't invalidate %1$s %2$s"
+msgstr ""
+
+#: src/tools/sss_cache.c:588
+msgid "Invalidate all cached entries except for sudo rules"
+msgstr ""
+
+#: src/tools/sss_cache.c:590
+msgid "Invalidate particular user"
+msgstr ""
+
+#: src/tools/sss_cache.c:592
+msgid "Invalidate all users"
+msgstr ""
+
+#: src/tools/sss_cache.c:594
+msgid "Invalidate particular group"
+msgstr ""
+
+#: src/tools/sss_cache.c:596
+msgid "Invalidate all groups"
+msgstr ""
+
+#: src/tools/sss_cache.c:598
+msgid "Invalidate particular netgroup"
+msgstr ""
+
+#: src/tools/sss_cache.c:600
+msgid "Invalidate all netgroups"
+msgstr ""
+
+#: src/tools/sss_cache.c:602
+msgid "Invalidate particular service"
+msgstr ""
+
+#: src/tools/sss_cache.c:604
+msgid "Invalidate all services"
+msgstr ""
+
+#: src/tools/sss_cache.c:607
+msgid "Invalidate particular autofs map"
+msgstr ""
+
+#: src/tools/sss_cache.c:609
+msgid "Invalidate all autofs maps"
+msgstr ""
+
+#: src/tools/sss_cache.c:613
+msgid "Invalidate particular SSH host"
+msgstr ""
+
+#: src/tools/sss_cache.c:615
+msgid "Invalidate all SSH hosts"
+msgstr ""
+
+#: src/tools/sss_cache.c:618
+msgid "Only invalidate entries from a particular domain"
+msgstr ""
+
+#: src/tools/sss_cache.c:667
+msgid "Please select at least one object to invalidate\n"
+msgstr ""
+
+#: src/tools/sss_cache.c:750
+#, c-format
+msgid ""
+"Could not open domain %1$s. If the domain is a subdomain (trusted domain), "
+"use fully qualified name instead of --domain/-d parameter.\n"
+msgstr ""
+
+#: src/tools/sss_cache.c:754
+msgid "Could not open available domains\n"
+msgstr ""
+
+#: src/tools/sss_debuglevel.c:40
+msgid "\n"
+msgstr ""
+
+#: src/tools/sss_debuglevel.c:96
+msgid "Specify debug level you want to set\n"
+msgstr ""
+
+#: src/tools/sss_debuglevel.c:102
+msgid "Only one argument expected\n"
+msgstr ""
+
+#: src/tools/tools_util.c:204
+#, c-format
+msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n"
+msgstr ""
+
+#: src/tools/tools_util.c:309
+msgid "Out of memory\n"
+msgstr ""
+
+#: src/tools/tools_util.h:43
+#, c-format
+msgid "%1$s must be run as root\n"
+msgstr ""
+
+#: src/util/util.h:110
+msgid "Send the debug output to files instead of stderr"
+msgstr ""
diff --git a/po/zh-TW.po b/po/zh-TW.po
new file mode 100644
index 000000000..e649d3a4b
--- /dev/null
+++ b/po/zh-TW.po
@@ -0,0 +1,1898 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR Red Hat, Inc.
+# This file is distributed under the same license as the PACKAGE package.
+#
+# Translators:
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
+"POT-Creation-Date: 2014-10-20 16:37+0200\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"PO-Revision-Date: 2014-06-04 02:04-0400\n"
+"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
+"Language-Team: Chinese (Taiwan) (http://www.transifex.com/projects/p/sssd/"
+"language/zh_TW/)\n"
+"Language: zh-TW\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+"X-Generator: Zanata 3.5.1\n"
+
+#: src/config/SSSDConfig/__init__.py.in:40
+msgid "Set the verbosity of the debug logging"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:41
+msgid "Include timestamps in debug logs"
+msgstr "在除錯日誌內加入時間戳記"
+
+#: src/config/SSSDConfig/__init__.py.in:42
+msgid "Include microseconds in timestamps in debug logs"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:43
+msgid "Write debug messages to logfiles"
+msgstr "將除錯訊息寫入日誌檔"
+
+#: src/config/SSSDConfig/__init__.py.in:44
+msgid "Ping timeout before restarting service"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:45
+msgid ""
+"Timeout between three failed ping checks and forcibly killing the service"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:46
+msgid "Command to start service"
+msgstr "啟動服務的指令"
+
+#: src/config/SSSDConfig/__init__.py.in:47
+msgid "Number of times to attempt connection to Data Providers"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:48
+msgid "The number of file descriptors that may be opened by this responder"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:49
+msgid "Idle time before automatic disconnection of a client"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:52
+msgid "SSSD Services to start"
+msgstr "要啟動的 SSSD 服務"
+
+#: src/config/SSSDConfig/__init__.py.in:53
+msgid "SSSD Domains to start"
+msgstr "要啟動的 SSSD 網域"
+
+#: src/config/SSSDConfig/__init__.py.in:54
+msgid "Timeout for messages sent over the SBUS"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:55
+msgid "Regex to parse username and domain"
+msgstr "用來解析使用者名稱與網域的正規表示式"
+
+#: src/config/SSSDConfig/__init__.py.in:56
+msgid "Printf-compatible format for displaying fully-qualified names"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:57
+msgid ""
+"Directory on the filesystem where SSSD should store Kerberos replay cache "
+"files."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:58
+msgid "Domain to add to names without a domain component."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:61
+msgid "Enumeration cache timeout length (seconds)"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:62
+msgid "Entry cache background update timeout length (seconds)"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:63
+#: src/config/SSSDConfig/__init__.py.in:92
+msgid "Negative cache timeout length (seconds)"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:64
+msgid "Users that SSSD should explicitly ignore"
+msgstr "SSSD 應該明確忽略的使用者"
+
+#: src/config/SSSDConfig/__init__.py.in:65
+msgid "Groups that SSSD should explicitly ignore"
+msgstr "SSSD 應該明確忽略的群組"
+
+#: src/config/SSSDConfig/__init__.py.in:66
+msgid "Should filtered users appear in groups"
+msgstr "過濾的使用者是否應該顯現在群組內"
+
+#: src/config/SSSDConfig/__init__.py.in:67
+msgid "The value of the password field the NSS provider should return"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:68
+msgid "Override homedir value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:69
+msgid ""
+"Substitute empty homedir value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:70
+msgid "Override shell value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:71
+msgid "The list of shells users are allowed to log in with"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:72
+msgid ""
+"The list of shells that will be vetoed, and replaced with the fallback shell"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:73
+msgid ""
+"If a shell stored in central directory is allowed but not available, use "
+"this fallback"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:74
+msgid "Shell to use if the provider does not list one"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:75
+msgid "How long will be in-memory cache records valid"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:76
+msgid "All spaces in group or user names will be replaced with this character"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:79
+msgid "How long to allow cached logins between online logins (days)"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:80
+msgid "How many failed logins attempts are allowed when offline"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:81
+msgid ""
+"How long (minutes) to deny login after offline_failed_login_attempts has "
+"been reached"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:82
+msgid "What kind of messages are displayed to the user during authentication"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:83
+msgid "How many seconds to keep identity information cached for PAM requests"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:84
+msgid "How many days before password expiration a warning should be displayed"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:85
+msgid "List of trusted uids or user's name"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:86
+msgid "List of domains accessible even for untrusted users."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:89
+msgid "Whether to evaluate the time-based attributes in sudo rules"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:95
+msgid "Whether to hash host names and addresses in the known_hosts file"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:96
+msgid ""
+"How many seconds to keep a host in the known_hosts file after its host keys "
+"were requested"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:99
+msgid "List of UIDs or user names allowed to access the PAC responder"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:102
+msgid "List of UIDs or user names allowed to access the InfoPipe responder"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:103
+msgid "List of user attributes the InfoPipe is allowed to publish"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:106
+msgid "Identity provider"
+msgstr "身分提供者"
+
+#: src/config/SSSDConfig/__init__.py.in:107
+msgid "Authentication provider"
+msgstr "認證提供者"
+
+#: src/config/SSSDConfig/__init__.py.in:108
+msgid "Access control provider"
+msgstr "存取控制提供者"
+
+#: src/config/SSSDConfig/__init__.py.in:109
+msgid "Password change provider"
+msgstr "密碼變更提供者"
+
+#: src/config/SSSDConfig/__init__.py.in:110
+msgid "SUDO provider"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:111
+msgid "Autofs provider"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:112
+msgid "Session-loading provider"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:113
+msgid "Host identity provider"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:116
+msgid "Minimum user ID"
+msgstr "最小的使用者 ID"
+
+#: src/config/SSSDConfig/__init__.py.in:117
+msgid "Maximum user ID"
+msgstr "最大的使用者 ID"
+
+#: src/config/SSSDConfig/__init__.py.in:118
+msgid "Enable enumerating all users/groups"
+msgstr "啟用所有使用者或群組的列舉"
+
+#: src/config/SSSDConfig/__init__.py.in:119
+msgid "Cache credentials for offline login"
+msgstr "供離線登入使用的快取憑證"
+
+#: src/config/SSSDConfig/__init__.py.in:120
+msgid "Store password hashes"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:121
+msgid "Display users/groups in fully-qualified form"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:122
+msgid "Don't include group members in group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:123
+#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:135
+msgid "Entry cache timeout length (seconds)"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:124
+msgid ""
+"Restrict or prefer a specific address family when performing DNS lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:125
+msgid "How long to keep cached entries after last successful login (days)"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:126
+msgid "How long to wait for replies from DNS when resolving servers (seconds)"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:127
+msgid "The domain part of service discovery DNS query"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:128
+msgid "Override GID value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:129
+msgid "Treat usernames as case sensitive"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:136
+msgid "How often should expired entries be refreshed in background"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:137
+msgid "Whether to automatically update the client's DNS entry"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:153
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:154
+msgid "The interface whose IP should be used for dynamic DNS updates"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:140
+msgid "How often to periodically update the client's DNS entry"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:141
+msgid "Whether the provider should explicitly update the PTR record as well"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:142
+msgid "Whether the nsupdate utility should default to using TCP"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:143
+msgid "What kind of authentication should be used to perform the DNS update"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:144
+msgid "Control enumeration of trusted domains"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:145
+msgid "How often should subdomains list be refreshed"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:148
+msgid "IPA domain"
+msgstr "IPA 網域"
+
+#: src/config/SSSDConfig/__init__.py.in:149
+msgid "IPA server address"
+msgstr "IPA 伺服器位址"
+
+#: src/config/SSSDConfig/__init__.py.in:150
+msgid "Address of backup IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:151
+msgid "IPA client hostname"
+msgstr "IPA 客戶端主機名稱"
+
+#: src/config/SSSDConfig/__init__.py.in:152
+msgid "Whether to automatically update the client's DNS entry in FreeIPA"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:155
+msgid "Search base for HBAC related objects"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:156
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:157
+msgid ""
+"The amount of time in seconds between lookups of the SELinux maps against "
+"the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:158
+msgid "If DENY rules are present, either DENY_ALL or IGNORE"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:159
+msgid "If set to false, host argument given by PAM will be ignored"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:160
+msgid "The automounter location this IPA client is using"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:161
+msgid "Search base for object containing info about IPA domain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:162
+msgid "Search base for objects containing info about ID ranges"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:177
+msgid "Enable DNS sites - location based service discovery"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:164
+msgid "Search base for view containers"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:165
+msgid "Objectclass for view containers"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:166
+msgid "Attribute with the name of the view"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:167
+msgid "Objectclass for override objects"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:168
+msgid "Attribute with the reference to the original object"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:169
+msgid "Objectclass for user override objects"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:170
+msgid "Objectclass for group override objects"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:173
+msgid "Active Directory domain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:174
+msgid "Active Directory server address"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:175
+msgid "Active Directory backup server address"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:176
+msgid "Active Directory client hostname"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:348
+msgid "LDAP filter to determine access privileges"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:179
+msgid "Whether to use the Global Catalog for lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:180
+msgid "Operation mode for GPO-based access control"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:181
+msgid ""
+"The amount of time between lookups of the GPO policy files against the AD "
+"server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:182
+msgid ""
+"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy "
+"settings"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:183
+msgid ""
+"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight "
+"policy settings"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:184
+msgid ""
+"PAM service names that map to the GPO (Deny)NetworkLogonRight policy "
+"settings"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:185
+msgid ""
+"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:186
+msgid ""
+"PAM service names that map to the GPO (Deny)ServiceLogonRight policy "
+"settings"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:187
+msgid "PAM service names for which GPO-based access is always granted"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:188
+msgid "PAM service names for which GPO-based access is always denied"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:189
+msgid ""
+"Default logon right (or permit/deny) to use for unmapped PAM service names"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:192
+msgid "Kerberos server address"
+msgstr "Kerberos 伺服器位址"
+
+#: src/config/SSSDConfig/__init__.py.in:193
+msgid "Kerberos backup server address"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:194
+msgid "Kerberos realm"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:195
+msgid "Authentication timeout"
+msgstr "認證逾時"
+
+#: src/config/SSSDConfig/__init__.py.in:196
+msgid "Whether to create kdcinfo files"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:199
+msgid "Directory to store credential caches"
+msgstr "儲存憑證快取的目錄"
+
+#: src/config/SSSDConfig/__init__.py.in:200
+msgid "Location of the user's credential cache"
+msgstr "使用者憑證快取的位置"
+
+#: src/config/SSSDConfig/__init__.py.in:201
+msgid "Location of the keytab to validate credentials"
+msgstr "驗證憑證用的金鑰表格位置"
+
+#: src/config/SSSDConfig/__init__.py.in:202
+msgid "Enable credential validation"
+msgstr "啟用憑證驗證"
+
+#: src/config/SSSDConfig/__init__.py.in:203
+msgid "Store password if offline for later online authentication"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:204
+msgid "Renewable lifetime of the TGT"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:205
+msgid "Lifetime of the TGT"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:206
+msgid "Time between two checks for renewal"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:207
+msgid "Enables FAST"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:208
+msgid "Selects the principal to use for FAST"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:209
+msgid "Enables principal canonicalization"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:210
+msgid "Enables enterprise principals"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:214
+msgid "Server where the change password service is running if not on the KDC"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:217
+msgid "ldap_uri, The URI of the LDAP server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:218
+msgid "ldap_backup_uri, The URI of the LDAP server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:219
+msgid "The default base DN"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:220
+msgid "The Schema Type in use on the LDAP server, rfc2307"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:221
+msgid "The default bind DN"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:222
+msgid "The type of the authentication token of the default bind DN"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:223
+msgid "The authentication token of the default bind DN"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:224
+msgid "Length of time to attempt connection"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:225
+msgid "Length of time to attempt synchronous LDAP operations"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:226
+msgid "Length of time between attempts to reconnect while offline"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:227
+msgid "Use only the upper case for realm names"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:228
+msgid "File that contains CA certificates"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:229
+msgid "Path to CA certificate directory"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:230
+msgid "File that contains the client certificate"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:231
+msgid "File that contains the client key"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:232
+msgid "List of possible ciphers suites"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:233
+msgid "Require TLS certificate verification"
+msgstr "需要 TLS 憑證驗證"
+
+#: src/config/SSSDConfig/__init__.py.in:234
+msgid "Specify the sasl mechanism to use"
+msgstr "指定要使用的 sasl 機制"
+
+#: src/config/SSSDConfig/__init__.py.in:235
+msgid "Specify the sasl authorization id to use"
+msgstr "指定要使用的 sasl 認證 id"
+
+#: src/config/SSSDConfig/__init__.py.in:236
+msgid "Specify the sasl authorization realm to use"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:237
+msgid "Specify the minimal SSF for LDAP sasl authorization"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:238
+msgid "Kerberos service keytab"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:239
+msgid "Use Kerberos auth for LDAP connection"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:240
+msgid "Follow LDAP referrals"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:241
+msgid "Lifetime of TGT for LDAP connection"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:242
+msgid "How to dereference aliases"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:243
+msgid "Service name for DNS service lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:244
+msgid "The number of records to retrieve in a single LDAP query"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:245
+msgid "The number of members that must be missing to trigger a full deref"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:246
+msgid ""
+"Whether the LDAP library should perform a reverse lookup to canonicalize the "
+"host name during a SASL bind"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:248
+msgid "entryUSN attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:249
+msgid "lastUSN attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:251
+msgid ""
+"How long to retain a connection to the LDAP server before disconnecting"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:253
+msgid "Disable the LDAP paging control"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:254
+msgid "Disable Active Directory range retrieval"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:257
+msgid "Length of time to wait for a search request"
+msgstr "搜尋請求的等候時間長度"
+
+#: src/config/SSSDConfig/__init__.py.in:258
+msgid "Length of time to wait for a enumeration request"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:259
+msgid "Length of time between enumeration updates"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:260
+msgid "Length of time between cache cleanups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:261
+msgid "Require TLS for ID lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:262
+msgid "Use ID-mapping of objectSID instead of pre-set IDs"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:263
+msgid "Base DN for user lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:264
+msgid "Scope of user lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:265
+msgid "Filter for user lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:266
+msgid "Objectclass for users"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:267
+msgid "Username attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:269
+msgid "UID attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:270
+msgid "Primary GID attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:271
+msgid "GECOS attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:272
+msgid "Home directory attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:273
+msgid "Shell attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:310
+msgid "objectSID attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:275
+msgid "Active Directory primary group attribute for ID-mapping"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:276
+msgid "User principal attribute (for Kerberos)"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:277
+msgid "Full Name"
+msgstr "全名"
+
+#: src/config/SSSDConfig/__init__.py.in:278
+msgid "memberOf attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:279
+msgid "Modification time attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:281
+msgid "shadowLastChange attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:282
+msgid "shadowMin attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:283
+msgid "shadowMax attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:284
+msgid "shadowWarning attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:285
+msgid "shadowInactive attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:286
+msgid "shadowExpire attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:287
+msgid "shadowFlag attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:288
+msgid "Attribute listing authorized PAM services"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:289
+msgid "Attribute listing authorized server hosts"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:290
+msgid "krbLastPwdChange attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:291
+msgid "krbPasswordExpiration attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:292
+msgid "Attribute indicating that server side password policies are active"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:293
+msgid "accountExpires attribute of AD"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:294
+msgid "userAccountControl attribute of AD"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:295
+msgid "nsAccountLock attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:296
+msgid "loginDisabled attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:297
+msgid "loginExpirationTime attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:298
+msgid "loginAllowedTimeMap attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:299
+msgid "SSH public key attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:300
+msgid "A list of extra attributes to download along with the user entry"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:302
+msgid "Base DN for group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:305
+msgid "Objectclass for groups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:306
+msgid "Group name"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:307
+msgid "Group password"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:308
+msgid "GID attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:309
+msgid "Group member attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:311
+msgid "Modification time attribute for groups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:312
+msgid "Type of the group and other flags"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:314
+msgid "Maximum nesting level SSSd will follow"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:316
+msgid "Base DN for netgroup lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:317
+msgid "Objectclass for netgroups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:318
+msgid "Netgroup name"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:319
+msgid "Netgroups members attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:320
+msgid "Netgroup triple attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:321
+msgid "Modification time attribute for netgroups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:323
+msgid "Base DN for service lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:324
+msgid "Objectclass for services"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:325
+msgid "Service name attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:326
+msgid "Service port attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:327
+msgid "Service protocol attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:330
+msgid "Lower bound for ID-mapping"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:331
+msgid "Upper bound for ID-mapping"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:332
+msgid "Number of IDs for each slice when ID-mapping"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:333
+msgid "Use autorid-compatible algorithm for ID-mapping"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:334
+msgid "Name of the default domain for ID-mapping"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:335
+msgid "SID of the default domain for ID-mapping"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:337
+msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:338
+msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:339
+msgid "Whether to use Token-Groups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:340
+msgid "Set lower boundary for allowed IDs from the LDAP server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:341
+msgid "Set upper boundary for allowed IDs from the LDAP server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:342
+msgid "DN for ppolicy queries"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:345
+msgid "Policy to evaluate the password expiration"
+msgstr "評估密碼過期時效的策略"
+
+#: src/config/SSSDConfig/__init__.py.in:349
+msgid "Which attributes shall be used to evaluate if an account is expired"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:350
+msgid "Which rules should be used to evaluate access control"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:353
+msgid "URI of an LDAP server where password changes are allowed"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:354
+msgid "URI of a backup LDAP server where password changes are allowed"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:355
+msgid "DNS service name for LDAP password change server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:356
+msgid ""
+"Whether to update the ldap_user_shadow_last_change attribute after a "
+"password change"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:359
+msgid "Base DN for sudo rules lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:360
+msgid "Automatic full refresh period"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:361
+msgid "Automatic smart refresh period"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:362
+msgid "Whether to filter rules by hostname, IP addresses and network"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:363
+msgid ""
+"Hostnames and/or fully qualified domain names of this machine to filter sudo "
+"rules"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:364
+msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:365
+msgid "Whether to include rules that contains netgroup in host attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:366
+msgid ""
+"Whether to include rules that contains regular expression in host attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:367
+msgid "Object class for sudo rules"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:368
+msgid "Sudo rule name"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:369
+msgid "Sudo rule command attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:370
+msgid "Sudo rule host attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:371
+msgid "Sudo rule user attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:372
+msgid "Sudo rule option attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:373
+msgid "Sudo rule runas attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:374
+msgid "Sudo rule runasuser attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:375
+msgid "Sudo rule runasgroup attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:376
+msgid "Sudo rule notbefore attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:377
+msgid "Sudo rule notafter attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:378
+msgid "Sudo rule order attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:381
+msgid "Object class for automounter maps"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:382
+msgid "Automounter map name attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:383
+msgid "Object class for automounter map entries"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:384
+msgid "Automounter map entry key attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:385
+msgid "Automounter map entry value attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:386
+msgid "Base DN for automounter map lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:389
+msgid "Comma separated list of allowed users"
+msgstr "許可的使用者清單,請使用半形逗號作為分隔"
+
+#: src/config/SSSDConfig/__init__.py.in:390
+msgid "Comma separated list of prohibited users"
+msgstr "被禁止的使用者清單,請使用半形逗號作為分隔"
+
+#: src/config/SSSDConfig/__init__.py.in:393
+msgid "Default shell, /bin/bash"
+msgstr "預設 shell,/bin/bash"
+
+#: src/config/SSSDConfig/__init__.py.in:394
+msgid "Base for home directories"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:397
+msgid "The name of the NSS library to use"
+msgstr "要使用的 NSS 函式庫名稱"
+
+#: src/config/SSSDConfig/__init__.py.in:398
+msgid "Whether to look up canonical group name from cache if possible"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:401
+msgid "PAM stack to use"
+msgstr "要使用的 PAM 堆疊"
+
+#: src/monitor/monitor.c:2680
+msgid "Become a daemon (default)"
+msgstr "作為幕後程式 (預設)"
+
+#: src/monitor/monitor.c:2682
+msgid "Run interactive (not a daemon)"
+msgstr "以互動方式執行 (非幕後程式)"
+
+#: src/monitor/monitor.c:2684 src/tools/sss_debuglevel.c:71
+msgid "Specify a non-default config file"
+msgstr "指定非預設的配置檔"
+
+#: src/monitor/monitor.c:2686
+msgid "Print version number and exit"
+msgstr ""
+
+#: src/providers/krb5/krb5_child.c:1975 src/providers/ldap/ldap_child.c:480
+#: src/util/util.h:108
+msgid "Debug level"
+msgstr "除錯層級"
+
+#: src/providers/krb5/krb5_child.c:1977 src/providers/ldap/ldap_child.c:482
+#: src/util/util.h:114
+msgid "Add debug timestamps"
+msgstr "加入除錯時間戳記"
+
+#: src/providers/krb5/krb5_child.c:1979 src/providers/ldap/ldap_child.c:484
+#: src/util/util.h:116
+msgid "Show timestamps with microseconds"
+msgstr ""
+
+#: src/providers/krb5/krb5_child.c:1981 src/providers/ldap/ldap_child.c:486
+msgid "An open file descriptor for the debug logs"
+msgstr ""
+
+#: src/providers/krb5/krb5_child.c:1984 src/providers/ldap/ldap_child.c:488
+#: src/util/util.h:112
+msgid "Send the debug output to stderr directly."
+msgstr ""
+
+#: src/providers/data_provider_be.c:2812
+msgid "Domain of the information provider (mandatory)"
+msgstr ""
+
+#: src/sss_client/common.c:946
+msgid "Privileged socket has wrong ownership or permissions."
+msgstr ""
+
+#: src/sss_client/common.c:949
+msgid "Public socket has wrong ownership or permissions."
+msgstr ""
+
+#: src/sss_client/common.c:952
+msgid "Unexpected format of the server credential message."
+msgstr ""
+
+#: src/sss_client/common.c:955
+msgid "SSSD is not run by root."
+msgstr ""
+
+#: src/sss_client/common.c:960
+msgid "An error occurred, but no description can be found."
+msgstr ""
+
+#: src/sss_client/common.c:966
+msgid "Unexpected error while looking for an error description"
+msgstr ""
+
+#: src/sss_client/pam_sss.c:393
+msgid "Passwords do not match"
+msgstr "密碼不相符"
+
+#: src/sss_client/pam_sss.c:581
+msgid "Password reset by root is not supported."
+msgstr ""
+
+#: src/sss_client/pam_sss.c:622
+msgid "Authenticated with cached credentials"
+msgstr ""
+
+#: src/sss_client/pam_sss.c:623
+msgid ", your cached password will expire at: "
+msgstr ",您快取的密碼將在此刻過期:"
+
+#: src/sss_client/pam_sss.c:653
+#, c-format
+msgid "Your password has expired. You have %1$d grace login(s) remaining."
+msgstr ""
+
+#: src/sss_client/pam_sss.c:699
+#, c-format
+msgid "Your password will expire in %1$d %2$s."
+msgstr ""
+
+#: src/sss_client/pam_sss.c:748
+msgid "Authentication is denied until: "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:769
+msgid "System is offline, password change not possible"
+msgstr "系統已離線,不可能作密碼變更"
+
+#: src/sss_client/pam_sss.c:784
+msgid ""
+"After changing the OTP password, you need to log out and back in order to "
+"acquire a ticket"
+msgstr ""
+
+#: src/sss_client/pam_sss.c:815 src/sss_client/pam_sss.c:828
+msgid "Password change failed. "
+msgstr "密碼變更失敗。"
+
+#: src/sss_client/pam_sss.c:818 src/sss_client/pam_sss.c:829
+msgid "Server message: "
+msgstr "伺服器訊息:"
+
+#: src/sss_client/pam_sss.c:1260
+msgid "New Password: "
+msgstr "新密碼:"
+
+#: src/sss_client/pam_sss.c:1261
+msgid "Reenter new Password: "
+msgstr "再次輸入新密碼:"
+
+#: src/sss_client/pam_sss.c:1360
+msgid "Password: "
+msgstr "密碼:"
+
+#: src/sss_client/pam_sss.c:1392
+msgid "Current Password: "
+msgstr "目前的密碼:"
+
+#: src/sss_client/pam_sss.c:1562
+msgid "Password expired. Change your password now."
+msgstr "密碼已過期。請立刻變更您的密碼。"
+
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:40
+#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
+#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
+#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:655
+#: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:586 src/tools/sss_debuglevel.c:69
+msgid "The debug level to run with"
+msgstr ""
+
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:42
+#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:196
+msgid "The SSSD domain to use"
+msgstr ""
+
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:74
+#: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54
+#: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:667
+#: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79
+#: src/tools/sss_cache.c:626
+msgid "Error setting the locale\n"
+msgstr "設定區域設置時發生錯誤\n"
+
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64
+msgid "Not enough memory\n"
+msgstr ""
+
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83
+msgid "User not specified\n"
+msgstr ""
+
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:92
+msgid "Error looking up public keys\n"
+msgstr ""
+
+#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:194
+msgid "The port to use to connect to the host"
+msgstr ""
+
+#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:238
+msgid "Invalid port\n"
+msgstr ""
+
+#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:243
+msgid "Host not specified\n"
+msgstr ""
+
+#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:249
+msgid "The path to the proxy command must be absolute\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48
+msgid "The UID of the user"
+msgstr "使用者的 UID"
+
+#: src/tools/sss_useradd.c:50 src/tools/sss_usermod.c:50
+msgid "The comment string"
+msgstr "註解字串"
+
+#: src/tools/sss_useradd.c:51 src/tools/sss_usermod.c:51
+msgid "Home directory"
+msgstr "家目錄"
+
+#: src/tools/sss_useradd.c:52 src/tools/sss_usermod.c:52
+msgid "Login shell"
+msgstr "登入用 shell"
+
+#: src/tools/sss_useradd.c:53
+msgid "Groups"
+msgstr "群組"
+
+#: src/tools/sss_useradd.c:54
+msgid "Create user's directory if it does not exist"
+msgstr "如果使用者的目錄不存在便將它建立"
+
+#: src/tools/sss_useradd.c:55
+msgid "Never create user's directory, overrides config"
+msgstr "永遠不建立使用者的目錄,凌駕配置"
+
+#: src/tools/sss_useradd.c:56
+msgid "Specify an alternative skeleton directory"
+msgstr "指定替代的骨幹目錄"
+
+#: src/tools/sss_useradd.c:57 src/tools/sss_usermod.c:60
+msgid "The SELinux user for user's login"
+msgstr ""
+
+#: src/tools/sss_useradd.c:87 src/tools/sss_groupmod.c:79
+#: src/tools/sss_usermod.c:92
+msgid "Specify group to add to\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:111
+msgid "Specify user to add\n"
+msgstr "指定要加入的使用者\n"
+
+#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
+#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
+#: src/tools/sss_groupshow.c:701 src/tools/sss_userdel.c:198
+#: src/tools/sss_usermod.c:162
+msgid "Error initializing the tools - no local domain\n"
+msgstr "初始化工具時發生錯誤 - 沒有本機網域\n"
+
+#: src/tools/sss_useradd.c:123 src/tools/sss_groupadd.c:88
+#: src/tools/sss_groupdel.c:82 src/tools/sss_groupmod.c:115
+#: src/tools/sss_groupshow.c:703 src/tools/sss_userdel.c:200
+#: src/tools/sss_usermod.c:164
+msgid "Error initializing the tools\n"
+msgstr "初始化工具時發生錯誤\n"
+
+#: src/tools/sss_useradd.c:132 src/tools/sss_groupadd.c:97
+#: src/tools/sss_groupdel.c:91 src/tools/sss_groupmod.c:123
+#: src/tools/sss_groupshow.c:712 src/tools/sss_userdel.c:209
+#: src/tools/sss_usermod.c:173
+msgid "Invalid domain specified in FQDN\n"
+msgstr "在 FQDN 內指定了無效的網域\n"
+
+#: src/tools/sss_useradd.c:142 src/tools/sss_groupmod.c:144
+#: src/tools/sss_groupmod.c:173 src/tools/sss_usermod.c:197
+#: src/tools/sss_usermod.c:226
+msgid "Internal error while parsing parameters\n"
+msgstr "當解析參數時發生內部錯誤\n"
+
+#: src/tools/sss_useradd.c:151 src/tools/sss_usermod.c:206
+#: src/tools/sss_usermod.c:235
+msgid "Groups must be in the same domain as user\n"
+msgstr "群組必須位於與使用者相同的網域內\n"
+
+#: src/tools/sss_useradd.c:159
+#, c-format
+msgid "Cannot find group %1$s in local domain\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:174 src/tools/sss_userdel.c:219
+msgid "Cannot set default values\n"
+msgstr "無法設定預設值\n"
+
+#: src/tools/sss_useradd.c:181 src/tools/sss_usermod.c:187
+msgid "The selected UID is outside the allowed range\n"
+msgstr "所選的 UID 位於許可的範圍外\n"
+
+#: src/tools/sss_useradd.c:210 src/tools/sss_usermod.c:305
+msgid "Cannot set SELinux login context\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:224
+msgid "Cannot get info about the user\n"
+msgstr "無法取得關於這位使用者的資訊\n"
+
+#: src/tools/sss_useradd.c:236
+msgid "User's home directory already exists, not copying data from skeldir\n"
+msgstr "使用者的家目錄已經存在,不會從骨幹目錄複製資料\n"
+
+#: src/tools/sss_useradd.c:239
+#, c-format
+msgid "Cannot create user's home directory: %1$s\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:250
+#, c-format
+msgid "Cannot create user's mail spool: %1$s\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:270
+msgid "Could not allocate ID for the user - domain full?\n"
+msgstr "無法為使用者分配 ID - 網域已滿?\n"
+
+#: src/tools/sss_useradd.c:274
+msgid "A user or group with the same name or ID already exists\n"
+msgstr "已經存在相同名稱的使用者或群組\n"
+
+#: src/tools/sss_useradd.c:280
+msgid "Transaction error. Could not add user.\n"
+msgstr "處理事項發生錯誤。無法加入使用者。\n"
+
+#: src/tools/sss_groupadd.c:43 src/tools/sss_groupmod.c:48
+msgid "The GID of the group"
+msgstr "群組的 GID"
+
+#: src/tools/sss_groupadd.c:76
+msgid "Specify group to add\n"
+msgstr "指定要加入的群組\n"
+
+#: src/tools/sss_groupadd.c:106 src/tools/sss_groupmod.c:198
+msgid "The selected GID is outside the allowed range\n"
+msgstr "所選的 GID 位於許可的範圍外\n"
+
+#: src/tools/sss_groupadd.c:143
+msgid "Could not allocate ID for the group - domain full?\n"
+msgstr "無法為群組分配 ID - 網域已滿?\n"
+
+#: src/tools/sss_groupadd.c:147
+msgid "A group with the same name or GID already exists\n"
+msgstr "已經存在相同名稱的群組或 GID\n"
+
+#: src/tools/sss_groupadd.c:153
+msgid "Transaction error. Could not add group.\n"
+msgstr "處理事項發生錯誤。無法加入群組。\n"
+
+#: src/tools/sss_groupdel.c:70
+msgid "Specify group to delete\n"
+msgstr "指定要刪除的群組\n"
+
+#: src/tools/sss_groupdel.c:104
+#, c-format
+msgid "Group %1$s is outside the defined ID range for domain\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:119 src/tools/sss_groupmod.c:225
+#: src/tools/sss_groupmod.c:232 src/tools/sss_groupmod.c:239
+#: src/tools/sss_userdel.c:295 src/tools/sss_usermod.c:282
+#: src/tools/sss_usermod.c:289 src/tools/sss_usermod.c:296
+#, c-format
+msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:132
+msgid ""
+"No such group in local domain. Removing groups only allowed in local domain."
+"\n"
+msgstr "在本機網域內沒有這樣的群組。只許可在本機網域內移除群組。\n"
+
+#: src/tools/sss_groupdel.c:137
+msgid "Internal error. Could not remove group.\n"
+msgstr "內部錯誤。無法移除群組。\n"
+
+#: src/tools/sss_groupmod.c:44
+msgid "Groups to add this group to"
+msgstr ""
+
+#: src/tools/sss_groupmod.c:46
+msgid "Groups to remove this group from"
+msgstr ""
+
+#: src/tools/sss_groupmod.c:87 src/tools/sss_usermod.c:100
+msgid "Specify group to remove from\n"
+msgstr ""
+
+#: src/tools/sss_groupmod.c:101
+msgid "Specify group to modify\n"
+msgstr "指定要修改的群組\n"
+
+#: src/tools/sss_groupmod.c:130
+msgid ""
+"Cannot find group in local domain, modifying groups is allowed only in local "
+"domain\n"
+msgstr "在本機網域內找不到群組,只許可在本機網域內修改群組\n"
+
+#: src/tools/sss_groupmod.c:153 src/tools/sss_groupmod.c:182
+msgid "Member groups must be in the same domain as parent group\n"
+msgstr "成員群組必須位於與親代群組相同的網域內\n"
+
+#: src/tools/sss_groupmod.c:161 src/tools/sss_groupmod.c:190
+#: src/tools/sss_usermod.c:214 src/tools/sss_usermod.c:243
+#, c-format
+msgid ""
+"Cannot find group %1$s in local domain, only groups in local domain are "
+"allowed\n"
+msgstr ""
+
+#: src/tools/sss_groupmod.c:257
+msgid "Could not modify group - check if member group names are correct\n"
+msgstr ""
+
+#: src/tools/sss_groupmod.c:261
+msgid "Could not modify group - check if groupname is correct\n"
+msgstr "無法修改群組 - 請檢查群組名稱是否正確\n"
+
+#: src/tools/sss_groupmod.c:265
+msgid "Transaction error. Could not modify group.\n"
+msgstr "處理事項發生錯誤。無法修改群組。\n"
+
+#: src/tools/sss_groupshow.c:602
+#, c-format
+msgid "%1$s%2$sGroup: %3$s\n"
+msgstr ""
+
+#: src/tools/sss_groupshow.c:603
+msgid "Magic Private "
+msgstr "魔法隱私"
+
+#: src/tools/sss_groupshow.c:605
+#, c-format
+msgid "%1$sGID number: %2$d\n"
+msgstr ""
+
+#: src/tools/sss_groupshow.c:607
+#, c-format
+msgid "%1$sMember users: "
+msgstr ""
+
+#: src/tools/sss_groupshow.c:614
+#, c-format
+msgid "\n"
+"%1$sIs a member of: "
+msgstr ""
+
+#: src/tools/sss_groupshow.c:621
+#, c-format
+msgid "\n"
+"%1$sMember groups: "
+msgstr ""
+
+#: src/tools/sss_groupshow.c:657
+msgid "Print indirect group members recursively"
+msgstr "遞迴地列出間接的群組成員"
+
+#: src/tools/sss_groupshow.c:691
+msgid "Specify group to show\n"
+msgstr "指定要顯示的群組\n"
+
+#: src/tools/sss_groupshow.c:731
+msgid ""
+"No such group in local domain. Printing groups only allowed in local domain."
+"\n"
+msgstr "本機網域內沒有這樣的群組。只許可在本機網域內列出群組。\n"
+
+#: src/tools/sss_groupshow.c:736
+msgid "Internal error. Could not print group.\n"
+msgstr "內部錯誤。無法列出群組。\n"
+
+#: src/tools/sss_userdel.c:136
+msgid "Remove home directory and mail spool"
+msgstr ""
+
+#: src/tools/sss_userdel.c:138
+msgid "Do not remove home directory and mail spool"
+msgstr ""
+
+#: src/tools/sss_userdel.c:140
+msgid "Force removal of files not owned by the user"
+msgstr "強制檔案的移除並非由使用者所擁有"
+
+#: src/tools/sss_userdel.c:142
+msgid "Kill users' processes before removing him"
+msgstr ""
+
+#: src/tools/sss_userdel.c:188
+msgid "Specify user to delete\n"
+msgstr "指定要刪除的使用者\n"
+
+#: src/tools/sss_userdel.c:234
+#, c-format
+msgid "User %1$s is outside the defined ID range for domain\n"
+msgstr ""
+
+#: src/tools/sss_userdel.c:259
+msgid "Cannot reset SELinux login context\n"
+msgstr ""
+
+#: src/tools/sss_userdel.c:271
+#, c-format
+msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
+msgstr ""
+
+#: src/tools/sss_userdel.c:276
+msgid "Cannot determine if the user was logged in on this platform"
+msgstr ""
+
+#: src/tools/sss_userdel.c:281
+msgid "Error while checking if the user was logged in\n"
+msgstr ""
+
+#: src/tools/sss_userdel.c:288
+#, c-format
+msgid "The post-delete command failed: %1$s\n"
+msgstr ""
+
+#: src/tools/sss_userdel.c:308
+msgid "Not removing home dir - not owned by user\n"
+msgstr "不會移除家目錄 - 並非由使用者所擁有\n"
+
+#: src/tools/sss_userdel.c:310
+#, c-format
+msgid "Cannot remove homedir: %1$s\n"
+msgstr ""
+
+#: src/tools/sss_userdel.c:324
+msgid ""
+"No such user in local domain. Removing users only allowed in local domain.\n"
+msgstr "在本機網域內沒有這樣的使用者。只許可在本機網域內移除使用者。\n"
+
+#: src/tools/sss_userdel.c:329
+msgid "Internal error. Could not remove user.\n"
+msgstr "內部錯誤。無法移除使用者。\n"
+
+#: src/tools/sss_usermod.c:49
+msgid "The GID of the user"
+msgstr "使用者的 GID"
+
+#: src/tools/sss_usermod.c:53
+msgid "Groups to add this user to"
+msgstr ""
+
+#: src/tools/sss_usermod.c:54
+msgid "Groups to remove this user from"
+msgstr ""
+
+#: src/tools/sss_usermod.c:55
+msgid "Lock the account"
+msgstr "鎖住這個帳號"
+
+#: src/tools/sss_usermod.c:56
+msgid "Unlock the account"
+msgstr "解除這個帳號的鎖"
+
+#: src/tools/sss_usermod.c:57
+msgid "Add an attribute/value pair. The format is attrname=value."
+msgstr ""
+
+#: src/tools/sss_usermod.c:58
+msgid "Delete an attribute/value pair. The format is attrname=value."
+msgstr ""
+
+#: src/tools/sss_usermod.c:59
+msgid ""
+"Set an attribute to a name/value pair. The format is attrname=value. For "
+"multi-valued attributes, the command replaces the values already present"
+msgstr ""
+
+#: src/tools/sss_usermod.c:117 src/tools/sss_usermod.c:126
+#: src/tools/sss_usermod.c:135
+msgid "Specify the attribute name/value pair(s)\n"
+msgstr ""
+
+#: src/tools/sss_usermod.c:152
+msgid "Specify user to modify\n"
+msgstr "指定要修改的使用者\n"
+
+#: src/tools/sss_usermod.c:180
+msgid ""
+"Cannot find user in local domain, modifying users is allowed only in local "
+"domain\n"
+msgstr "在本機網域內找不到使用者,只許可在本機網域內修改使用者\n"
+
+#: src/tools/sss_usermod.c:322
+msgid "Could not modify user - check if group names are correct\n"
+msgstr "無法修改使用者 - 請檢查群組名稱是否正確\n"
+
+#: src/tools/sss_usermod.c:326
+msgid "Could not modify user - user already member of groups?\n"
+msgstr "無法修改使用者 - 使用者是否已經是群組的成員?\n"
+
+#: src/tools/sss_usermod.c:330
+msgid "Transaction error. Could not modify user.\n"
+msgstr "處理事項發生錯誤。無法修改使用者。\n"
+
+#: src/tools/sss_cache.c:188
+msgid "No cache object matched the specified search\n"
+msgstr ""
+
+#: src/tools/sss_cache.c:430
+#, c-format
+msgid "Couldn't invalidate %1$s"
+msgstr ""
+
+#: src/tools/sss_cache.c:437
+#, c-format
+msgid "Couldn't invalidate %1$s %2$s"
+msgstr ""
+
+#: src/tools/sss_cache.c:588
+msgid "Invalidate all cached entries except for sudo rules"
+msgstr ""
+
+#: src/tools/sss_cache.c:590
+msgid "Invalidate particular user"
+msgstr ""
+
+#: src/tools/sss_cache.c:592
+msgid "Invalidate all users"
+msgstr ""
+
+#: src/tools/sss_cache.c:594
+msgid "Invalidate particular group"
+msgstr ""
+
+#: src/tools/sss_cache.c:596
+msgid "Invalidate all groups"
+msgstr ""
+
+#: src/tools/sss_cache.c:598
+msgid "Invalidate particular netgroup"
+msgstr ""
+
+#: src/tools/sss_cache.c:600
+msgid "Invalidate all netgroups"
+msgstr ""
+
+#: src/tools/sss_cache.c:602
+msgid "Invalidate particular service"
+msgstr ""
+
+#: src/tools/sss_cache.c:604
+msgid "Invalidate all services"
+msgstr ""
+
+#: src/tools/sss_cache.c:607
+msgid "Invalidate particular autofs map"
+msgstr ""
+
+#: src/tools/sss_cache.c:609
+msgid "Invalidate all autofs maps"
+msgstr ""
+
+#: src/tools/sss_cache.c:613
+msgid "Invalidate particular SSH host"
+msgstr ""
+
+#: src/tools/sss_cache.c:615
+msgid "Invalidate all SSH hosts"
+msgstr ""
+
+#: src/tools/sss_cache.c:618
+msgid "Only invalidate entries from a particular domain"
+msgstr ""
+
+#: src/tools/sss_cache.c:667
+msgid "Please select at least one object to invalidate\n"
+msgstr ""
+
+#: src/tools/sss_cache.c:750
+#, c-format
+msgid ""
+"Could not open domain %1$s. If the domain is a subdomain (trusted domain), "
+"use fully qualified name instead of --domain/-d parameter.\n"
+msgstr ""
+
+#: src/tools/sss_cache.c:754
+msgid "Could not open available domains\n"
+msgstr ""
+
+#: src/tools/sss_debuglevel.c:40
+msgid "\n"
+msgstr ""
+
+#: src/tools/sss_debuglevel.c:96
+msgid "Specify debug level you want to set\n"
+msgstr ""
+
+#: src/tools/sss_debuglevel.c:102
+msgid "Only one argument expected\n"
+msgstr ""
+
+#: src/tools/tools_util.c:204
+#, c-format
+msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n"
+msgstr ""
+
+#: src/tools/tools_util.c:309
+msgid "Out of memory\n"
+msgstr "記憶體耗盡\n"
+
+#: src/tools/tools_util.h:43
+#, c-format
+msgid "%1$s must be run as root\n"
+msgstr ""
+
+#: src/util/util.h:110
+msgid "Send the debug output to files instead of stderr"
+msgstr "傳送除錯輸出到檔案而不是標準輸出"
diff --git a/po/zh_CN.po b/po/zh_CN.po
index c10d25dbf..5bfc43c8c 100644
--- a/po/zh_CN.po
+++ b/po/zh_CN.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2015-02-18 16:53+0100\n"
+"POT-Creation-Date: 2015-06-12 10:37+0200\n"
"PO-Revision-Date: 2014-06-04 02:04-0400\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Chinese (China) (http://www.transifex.com/projects/p/sssd/"
@@ -18,7 +18,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=1; plural=0;\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#: src/config/SSSDConfig/__init__.py.in:43
msgid "Set the verbosity of the debug logging"
@@ -104,7 +104,7 @@ msgid "Entry cache background update timeout length (seconds)"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:67
-#: src/config/SSSDConfig/__init__.py.in:96
+#: src/config/SSSDConfig/__init__.py.in:97
msgid "Negative cache timeout length (seconds)"
msgstr ""
@@ -198,1023 +198,1035 @@ msgstr ""
msgid "List of domains accessible even for untrusted users."
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:93
+#: src/config/SSSDConfig/__init__.py.in:91
+msgid "Message printed when user account is expired."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:94
msgid "Whether to evaluate the time-based attributes in sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:99
+#: src/config/SSSDConfig/__init__.py.in:100
msgid "Whether to hash host names and addresses in the known_hosts file"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:100
+#: src/config/SSSDConfig/__init__.py.in:101
msgid ""
"How many seconds to keep a host in the known_hosts file after its host keys "
"were requested"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:103
+#: src/config/SSSDConfig/__init__.py.in:104
msgid "List of UIDs or user names allowed to access the PAC responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:106
+#: src/config/SSSDConfig/__init__.py.in:107
msgid "List of UIDs or user names allowed to access the InfoPipe responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:107
+#: src/config/SSSDConfig/__init__.py.in:108
msgid "List of user attributes the InfoPipe is allowed to publish"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:110
+#: src/config/SSSDConfig/__init__.py.in:111
msgid "Identity provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:111
+#: src/config/SSSDConfig/__init__.py.in:112
msgid "Authentication provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:112
+#: src/config/SSSDConfig/__init__.py.in:113
msgid "Access control provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:113
+#: src/config/SSSDConfig/__init__.py.in:114
msgid "Password change provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:114
+#: src/config/SSSDConfig/__init__.py.in:115
msgid "SUDO provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid "Autofs provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "Session-loading provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "Host identity provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Minimum user ID"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:121
+#: src/config/SSSDConfig/__init__.py.in:122
msgid "Maximum user ID"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:122
+#: src/config/SSSDConfig/__init__.py.in:123
msgid "Enable enumerating all users/groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:123
+#: src/config/SSSDConfig/__init__.py.in:124
msgid "Cache credentials for offline login"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:124
+#: src/config/SSSDConfig/__init__.py.in:125
msgid "Store password hashes"
msgstr "保存密码哈希值"
-#: src/config/SSSDConfig/__init__.py.in:125
+#: src/config/SSSDConfig/__init__.py.in:126
msgid "Display users/groups in fully-qualified form"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Don't include group members in group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:127
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:128
#: src/config/SSSDConfig/__init__.py.in:135
#: src/config/SSSDConfig/__init__.py.in:136
#: src/config/SSSDConfig/__init__.py.in:137
#: src/config/SSSDConfig/__init__.py.in:138
#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Entry cache timeout length (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:128
+#: src/config/SSSDConfig/__init__.py.in:129
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Override GID value from the identity provider with this value"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Treat usernames as case sensitive"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "How often should expired entries be refreshed in background"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:142
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:143
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:143
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "How often to periodically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Whether the nsupdate utility should default to using TCP"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Control enumeration of trusted domains"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "How often should subdomains list be refreshed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:151
+msgid "List of options that should be inherited into a subdomain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "IPA server address"
msgstr "IPA 服务器地址"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Address of backup IPA server"
msgstr "IPA 备份服务器地址"
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "IPA client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:162
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:163
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:168
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Search base for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Objectclass for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Attribute with the name of the view"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Objectclass for override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Attribute with the reference to the original object"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Objectclass for user override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Objectclass for group override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:182
-#: src/config/SSSDConfig/__init__.py.in:357
+#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:360
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Whether to use the Global Catalog for lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Operation mode for GPO-based access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:187
msgid ""
"The amount of time between lookups of the GPO policy files against the AD "
"server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:188
msgid ""
"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy "
"settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid ""
"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight "
"policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid ""
"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid ""
"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid ""
"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "PAM service names for which GPO-based access is always granted"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "PAM service names for which GPO-based access is always denied"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid ""
"Default logon right (or permit/deny) to use for unmapped PAM service names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "a particular site to be used by the client"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Kerberos server address"
msgstr "Kerberos 服务器地址"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "Kerberos realm"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Authentication timeout"
msgstr "验证超时"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "Whether to create kdcinfo files"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Where to drop krb5 config snippets"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Enables enterprise principals"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:220
-#: src/config/SSSDConfig/__init__.py.in:221
-msgid "Server where the change password service is running if not on the KDC"
+msgid "A mapping from user names to kerberos principal names"
msgstr ""
+#: src/config/SSSDConfig/__init__.py.in:223
#: src/config/SSSDConfig/__init__.py.in:224
+msgid "Server where the change password service is running if not on the KDC"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:227
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:237
+#: src/config/SSSDConfig/__init__.py.in:240
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "Require TLS certificate verification"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "Disable the LDAP paging control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Disable Active Directory range retrieval"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "UID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "GECOS attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Shell attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:282
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Full Name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:299
+#: src/config/SSSDConfig/__init__.py.in:302
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "A list of extra attributes to download along with the user entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:310
+#: src/config/SSSDConfig/__init__.py.in:313
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Type of the group and other flags"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:344
+#: src/config/SSSDConfig/__init__.py.in:347
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Whether to use Token-Groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Set lower boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Set upper boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "DN for ppolicy queries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:364
+#: src/config/SSSDConfig/__init__.py.in:367
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:365
+#: src/config/SSSDConfig/__init__.py.in:368
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:368
+#: src/config/SSSDConfig/__init__.py.in:371
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:369
+#: src/config/SSSDConfig/__init__.py.in:372
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:370
+#: src/config/SSSDConfig/__init__.py.in:373
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:371
+#: src/config/SSSDConfig/__init__.py.in:374
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:372
+#: src/config/SSSDConfig/__init__.py.in:375
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:373
+#: src/config/SSSDConfig/__init__.py.in:376
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:374
+#: src/config/SSSDConfig/__init__.py.in:377
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:375
+#: src/config/SSSDConfig/__init__.py.in:378
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:376
+#: src/config/SSSDConfig/__init__.py.in:379
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:377
+#: src/config/SSSDConfig/__init__.py.in:380
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:378
+#: src/config/SSSDConfig/__init__.py.in:381
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:379
+#: src/config/SSSDConfig/__init__.py.in:382
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:380
+#: src/config/SSSDConfig/__init__.py.in:383
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:381
+#: src/config/SSSDConfig/__init__.py.in:384
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:382
+#: src/config/SSSDConfig/__init__.py.in:385
msgid "Sudo rule runas attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:383
+#: src/config/SSSDConfig/__init__.py.in:386
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:384
+#: src/config/SSSDConfig/__init__.py.in:387
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:385
+#: src/config/SSSDConfig/__init__.py.in:388
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:386
+#: src/config/SSSDConfig/__init__.py.in:389
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:387
+#: src/config/SSSDConfig/__init__.py.in:390
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:390
+#: src/config/SSSDConfig/__init__.py.in:393
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:391
+#: src/config/SSSDConfig/__init__.py.in:394
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:392
+#: src/config/SSSDConfig/__init__.py.in:395
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:393
+#: src/config/SSSDConfig/__init__.py.in:396
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:394
+#: src/config/SSSDConfig/__init__.py.in:397
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:395
+#: src/config/SSSDConfig/__init__.py.in:398
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:398
+#: src/config/SSSDConfig/__init__.py.in:401
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:399
+#: src/config/SSSDConfig/__init__.py.in:402
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:402
+#: src/config/SSSDConfig/__init__.py.in:405
msgid "Default shell, /bin/bash"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:403
+#: src/config/SSSDConfig/__init__.py.in:406
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:406
+#: src/config/SSSDConfig/__init__.py.in:409
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:407
+#: src/config/SSSDConfig/__init__.py.in:410
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:410
+#: src/config/SSSDConfig/__init__.py.in:413
msgid "PAM stack to use"
msgstr ""
@@ -1234,26 +1246,26 @@ msgstr ""
msgid "Print version number and exit"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:589
+#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:609
#: src/util/util.h:108
msgid "Debug level"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:591
+#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:611
#: src/util/util.h:114
msgid "Add debug timestamps"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:593
+#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:613
#: src/util/util.h:116
msgid "Show timestamps with microseconds"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:595
+#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:615
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:597
+#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:617
#: src/util/util.h:112
msgid "Send the debug output to stderr directly."
msgstr ""
@@ -1266,99 +1278,104 @@ msgstr ""
msgid "The group to create FAST ccache as"
msgstr ""
-#: src/providers/data_provider_be.c:2833
+#: src/providers/data_provider_be.c:2834
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:969
+#: src/sss_client/common.c:971
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:972
+#: src/sss_client/common.c:974
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:975
+#: src/sss_client/common.c:977
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:978
+#: src/sss_client/common.c:980
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:983
+#: src/sss_client/common.c:985
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:989
+#: src/sss_client/common.c:991
msgid "Unexpected error while looking for an error description"
msgstr ""
-#: src/sss_client/pam_sss.c:398
+#: src/sss_client/pam_sss.c:63
+msgid "Permission denied. "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:64 src/sss_client/pam_sss.c:883
+#: src/sss_client/pam_sss.c:894
+msgid "Server message: "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:401
msgid "Passwords do not match"
msgstr ""
-#: src/sss_client/pam_sss.c:586
+#: src/sss_client/pam_sss.c:589
msgid "Password reset by root is not supported."
msgstr ""
-#: src/sss_client/pam_sss.c:627
+#: src/sss_client/pam_sss.c:630
msgid "Authenticated with cached credentials"
msgstr ""
-#: src/sss_client/pam_sss.c:628
+#: src/sss_client/pam_sss.c:631
msgid ", your cached password will expire at: "
msgstr ""
-#: src/sss_client/pam_sss.c:658
+#: src/sss_client/pam_sss.c:661
#, c-format
msgid "Your password has expired. You have %1$d grace login(s) remaining."
msgstr ""
-#: src/sss_client/pam_sss.c:704
+#: src/sss_client/pam_sss.c:707
#, c-format
msgid "Your password will expire in %1$d %2$s."
msgstr ""
-#: src/sss_client/pam_sss.c:753
+#: src/sss_client/pam_sss.c:756
msgid "Authentication is denied until: "
msgstr ""
-#: src/sss_client/pam_sss.c:774
+#: src/sss_client/pam_sss.c:777
msgid "System is offline, password change not possible"
msgstr ""
-#: src/sss_client/pam_sss.c:789
+#: src/sss_client/pam_sss.c:792
msgid ""
"After changing the OTP password, you need to log out and back in order to "
"acquire a ticket"
msgstr ""
-#: src/sss_client/pam_sss.c:820 src/sss_client/pam_sss.c:833
+#: src/sss_client/pam_sss.c:880 src/sss_client/pam_sss.c:893
msgid "Password change failed. "
msgstr ""
-#: src/sss_client/pam_sss.c:823 src/sss_client/pam_sss.c:834
-msgid "Server message: "
-msgstr ""
-
-#: src/sss_client/pam_sss.c:1274
+#: src/sss_client/pam_sss.c:1336
msgid "New Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1275
+#: src/sss_client/pam_sss.c:1337
msgid "Reenter new Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1374
+#: src/sss_client/pam_sss.c:1436
msgid "Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1406
+#: src/sss_client/pam_sss.c:1468
msgid "Current Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1582
+#: src/sss_client/pam_sss.c:1644
msgid "Password expired. Change your password now."
msgstr ""
diff --git a/po/zh_TW.po b/po/zh_TW.po
index d443c8c44..c801dbd97 100644
--- a/po/zh_TW.po
+++ b/po/zh_TW.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2015-02-18 16:53+0100\n"
+"POT-Creation-Date: 2015-06-12 10:37+0200\n"
"PO-Revision-Date: 2014-06-04 02:04-0400\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Chinese (Taiwan) (http://www.transifex.com/projects/p/sssd/"
@@ -17,7 +17,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=1; plural=0;\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#: src/config/SSSDConfig/__init__.py.in:43
msgid "Set the verbosity of the debug logging"
@@ -103,7 +103,7 @@ msgid "Entry cache background update timeout length (seconds)"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:67
-#: src/config/SSSDConfig/__init__.py.in:96
+#: src/config/SSSDConfig/__init__.py.in:97
msgid "Negative cache timeout length (seconds)"
msgstr ""
@@ -197,1023 +197,1035 @@ msgstr ""
msgid "List of domains accessible even for untrusted users."
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:93
+#: src/config/SSSDConfig/__init__.py.in:91
+msgid "Message printed when user account is expired."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:94
msgid "Whether to evaluate the time-based attributes in sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:99
+#: src/config/SSSDConfig/__init__.py.in:100
msgid "Whether to hash host names and addresses in the known_hosts file"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:100
+#: src/config/SSSDConfig/__init__.py.in:101
msgid ""
"How many seconds to keep a host in the known_hosts file after its host keys "
"were requested"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:103
+#: src/config/SSSDConfig/__init__.py.in:104
msgid "List of UIDs or user names allowed to access the PAC responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:106
+#: src/config/SSSDConfig/__init__.py.in:107
msgid "List of UIDs or user names allowed to access the InfoPipe responder"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:107
+#: src/config/SSSDConfig/__init__.py.in:108
msgid "List of user attributes the InfoPipe is allowed to publish"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:110
+#: src/config/SSSDConfig/__init__.py.in:111
msgid "Identity provider"
msgstr "身分提供者"
-#: src/config/SSSDConfig/__init__.py.in:111
+#: src/config/SSSDConfig/__init__.py.in:112
msgid "Authentication provider"
msgstr "認證提供者"
-#: src/config/SSSDConfig/__init__.py.in:112
+#: src/config/SSSDConfig/__init__.py.in:113
msgid "Access control provider"
msgstr "存取控制提供者"
-#: src/config/SSSDConfig/__init__.py.in:113
+#: src/config/SSSDConfig/__init__.py.in:114
msgid "Password change provider"
msgstr "密碼變更提供者"
-#: src/config/SSSDConfig/__init__.py.in:114
+#: src/config/SSSDConfig/__init__.py.in:115
msgid "SUDO provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid "Autofs provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "Session-loading provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "Host identity provider"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Minimum user ID"
msgstr "最小的使用者 ID"
-#: src/config/SSSDConfig/__init__.py.in:121
+#: src/config/SSSDConfig/__init__.py.in:122
msgid "Maximum user ID"
msgstr "最大的使用者 ID"
-#: src/config/SSSDConfig/__init__.py.in:122
+#: src/config/SSSDConfig/__init__.py.in:123
msgid "Enable enumerating all users/groups"
msgstr "啟用所有使用者或群組的列舉"
-#: src/config/SSSDConfig/__init__.py.in:123
+#: src/config/SSSDConfig/__init__.py.in:124
msgid "Cache credentials for offline login"
msgstr "供離線登入使用的快取憑證"
-#: src/config/SSSDConfig/__init__.py.in:124
+#: src/config/SSSDConfig/__init__.py.in:125
msgid "Store password hashes"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:125
+#: src/config/SSSDConfig/__init__.py.in:126
msgid "Display users/groups in fully-qualified form"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Don't include group members in group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:127
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:128
#: src/config/SSSDConfig/__init__.py.in:135
#: src/config/SSSDConfig/__init__.py.in:136
#: src/config/SSSDConfig/__init__.py.in:137
#: src/config/SSSDConfig/__init__.py.in:138
#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Entry cache timeout length (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:128
+#: src/config/SSSDConfig/__init__.py.in:129
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Override GID value from the identity provider with this value"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Treat usernames as case sensitive"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "How often should expired entries be refreshed in background"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:142
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:143
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:143
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "How often to periodically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Whether the nsupdate utility should default to using TCP"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Control enumeration of trusted domains"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "How often should subdomains list be refreshed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:151
+msgid "List of options that should be inherited into a subdomain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "IPA domain"
msgstr "IPA 網域"
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "IPA server address"
msgstr "IPA 伺服器位址"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "IPA client hostname"
msgstr "IPA 客戶端主機名稱"
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:162
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:163
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:168
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Search base for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Objectclass for view containers"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Attribute with the name of the view"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Objectclass for override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Attribute with the reference to the original object"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Objectclass for user override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Objectclass for group override objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:182
-#: src/config/SSSDConfig/__init__.py.in:357
+#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:360
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Whether to use the Global Catalog for lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Operation mode for GPO-based access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:187
msgid ""
"The amount of time between lookups of the GPO policy files against the AD "
"server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:188
msgid ""
"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy "
"settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid ""
"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight "
"policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid ""
"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid ""
"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid ""
"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "PAM service names for which GPO-based access is always granted"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "PAM service names for which GPO-based access is always denied"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid ""
"Default logon right (or permit/deny) to use for unmapped PAM service names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "a particular site to be used by the client"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Kerberos server address"
msgstr "Kerberos 伺服器位址"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "Kerberos realm"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Authentication timeout"
msgstr "認證逾時"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "Whether to create kdcinfo files"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Where to drop krb5 config snippets"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Directory to store credential caches"
msgstr "儲存憑證快取的目錄"
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Location of the user's credential cache"
msgstr "使用者憑證快取的位置"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Location of the keytab to validate credentials"
msgstr "驗證憑證用的金鑰表格位置"
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Enable credential validation"
msgstr "啟用憑證驗證"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Enables enterprise principals"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:220
-#: src/config/SSSDConfig/__init__.py.in:221
-msgid "Server where the change password service is running if not on the KDC"
+msgid "A mapping from user names to kerberos principal names"
msgstr ""
+#: src/config/SSSDConfig/__init__.py.in:223
#: src/config/SSSDConfig/__init__.py.in:224
+msgid "Server where the change password service is running if not on the KDC"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:227
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:237
+#: src/config/SSSDConfig/__init__.py.in:240
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "Require TLS certificate verification"
msgstr "需要 TLS 憑證驗證"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Specify the sasl mechanism to use"
msgstr "指定要使用的 sasl 機制"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Specify the sasl authorization id to use"
msgstr "指定要使用的 sasl 認證 id"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "Disable the LDAP paging control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Disable Active Directory range retrieval"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "Length of time to wait for a search request"
msgstr "搜尋請求的等候時間長度"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "UID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "GECOS attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Shell attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:282
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Full Name"
msgstr "全名"
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:299
+#: src/config/SSSDConfig/__init__.py.in:302
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "A list of extra attributes to download along with the user entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:310
+#: src/config/SSSDConfig/__init__.py.in:313
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Type of the group and other flags"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:344
+#: src/config/SSSDConfig/__init__.py.in:347
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Whether to use Token-Groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Set lower boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Set upper boundary for allowed IDs from the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "DN for ppolicy queries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Policy to evaluate the password expiration"
msgstr "評估密碼過期時效的策略"
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:364
+#: src/config/SSSDConfig/__init__.py.in:367
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:365
+#: src/config/SSSDConfig/__init__.py.in:368
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:368
+#: src/config/SSSDConfig/__init__.py.in:371
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:369
+#: src/config/SSSDConfig/__init__.py.in:372
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:370
+#: src/config/SSSDConfig/__init__.py.in:373
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:371
+#: src/config/SSSDConfig/__init__.py.in:374
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:372
+#: src/config/SSSDConfig/__init__.py.in:375
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:373
+#: src/config/SSSDConfig/__init__.py.in:376
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:374
+#: src/config/SSSDConfig/__init__.py.in:377
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:375
+#: src/config/SSSDConfig/__init__.py.in:378
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:376
+#: src/config/SSSDConfig/__init__.py.in:379
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:377
+#: src/config/SSSDConfig/__init__.py.in:380
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:378
+#: src/config/SSSDConfig/__init__.py.in:381
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:379
+#: src/config/SSSDConfig/__init__.py.in:382
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:380
+#: src/config/SSSDConfig/__init__.py.in:383
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:381
+#: src/config/SSSDConfig/__init__.py.in:384
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:382
+#: src/config/SSSDConfig/__init__.py.in:385
msgid "Sudo rule runas attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:383
+#: src/config/SSSDConfig/__init__.py.in:386
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:384
+#: src/config/SSSDConfig/__init__.py.in:387
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:385
+#: src/config/SSSDConfig/__init__.py.in:388
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:386
+#: src/config/SSSDConfig/__init__.py.in:389
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:387
+#: src/config/SSSDConfig/__init__.py.in:390
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:390
+#: src/config/SSSDConfig/__init__.py.in:393
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:391
+#: src/config/SSSDConfig/__init__.py.in:394
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:392
+#: src/config/SSSDConfig/__init__.py.in:395
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:393
+#: src/config/SSSDConfig/__init__.py.in:396
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:394
+#: src/config/SSSDConfig/__init__.py.in:397
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:395
+#: src/config/SSSDConfig/__init__.py.in:398
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:398
+#: src/config/SSSDConfig/__init__.py.in:401
msgid "Comma separated list of allowed users"
msgstr "許可的使用者清單,請使用半形逗號作為分隔"
-#: src/config/SSSDConfig/__init__.py.in:399
+#: src/config/SSSDConfig/__init__.py.in:402
msgid "Comma separated list of prohibited users"
msgstr "被禁止的使用者清單,請使用半形逗號作為分隔"
-#: src/config/SSSDConfig/__init__.py.in:402
+#: src/config/SSSDConfig/__init__.py.in:405
msgid "Default shell, /bin/bash"
msgstr "預設 shell,/bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:403
+#: src/config/SSSDConfig/__init__.py.in:406
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:406
+#: src/config/SSSDConfig/__init__.py.in:409
msgid "The name of the NSS library to use"
msgstr "要使用的 NSS 函式庫名稱"
-#: src/config/SSSDConfig/__init__.py.in:407
+#: src/config/SSSDConfig/__init__.py.in:410
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:410
+#: src/config/SSSDConfig/__init__.py.in:413
msgid "PAM stack to use"
msgstr "要使用的 PAM 堆疊"
@@ -1233,26 +1245,26 @@ msgstr "指定非預設的配置檔"
msgid "Print version number and exit"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:589
+#: src/providers/krb5/krb5_child.c:2342 src/providers/ldap/ldap_child.c:609
#: src/util/util.h:108
msgid "Debug level"
msgstr "除錯層級"
-#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:591
+#: src/providers/krb5/krb5_child.c:2344 src/providers/ldap/ldap_child.c:611
#: src/util/util.h:114
msgid "Add debug timestamps"
msgstr "加入除錯時間戳記"
-#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:593
+#: src/providers/krb5/krb5_child.c:2346 src/providers/ldap/ldap_child.c:613
#: src/util/util.h:116
msgid "Show timestamps with microseconds"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:595
+#: src/providers/krb5/krb5_child.c:2348 src/providers/ldap/ldap_child.c:615
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:597
+#: src/providers/krb5/krb5_child.c:2351 src/providers/ldap/ldap_child.c:617
#: src/util/util.h:112
msgid "Send the debug output to stderr directly."
msgstr ""
@@ -1265,99 +1277,104 @@ msgstr ""
msgid "The group to create FAST ccache as"
msgstr ""
-#: src/providers/data_provider_be.c:2833
+#: src/providers/data_provider_be.c:2834
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:969
+#: src/sss_client/common.c:971
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:972
+#: src/sss_client/common.c:974
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:975
+#: src/sss_client/common.c:977
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:978
+#: src/sss_client/common.c:980
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:983
+#: src/sss_client/common.c:985
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:989
+#: src/sss_client/common.c:991
msgid "Unexpected error while looking for an error description"
msgstr ""
-#: src/sss_client/pam_sss.c:398
+#: src/sss_client/pam_sss.c:63
+msgid "Permission denied. "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:64 src/sss_client/pam_sss.c:883
+#: src/sss_client/pam_sss.c:894
+msgid "Server message: "
+msgstr "伺服器訊息:"
+
+#: src/sss_client/pam_sss.c:401
msgid "Passwords do not match"
msgstr "密碼不相符"
-#: src/sss_client/pam_sss.c:586
+#: src/sss_client/pam_sss.c:589
msgid "Password reset by root is not supported."
msgstr ""
-#: src/sss_client/pam_sss.c:627
+#: src/sss_client/pam_sss.c:630
msgid "Authenticated with cached credentials"
msgstr ""
-#: src/sss_client/pam_sss.c:628
+#: src/sss_client/pam_sss.c:631
msgid ", your cached password will expire at: "
msgstr ",您快取的密碼將在此刻過期:"
-#: src/sss_client/pam_sss.c:658
+#: src/sss_client/pam_sss.c:661
#, c-format
msgid "Your password has expired. You have %1$d grace login(s) remaining."
msgstr ""
-#: src/sss_client/pam_sss.c:704
+#: src/sss_client/pam_sss.c:707
#, c-format
msgid "Your password will expire in %1$d %2$s."
msgstr ""
-#: src/sss_client/pam_sss.c:753
+#: src/sss_client/pam_sss.c:756
msgid "Authentication is denied until: "
msgstr ""
-#: src/sss_client/pam_sss.c:774
+#: src/sss_client/pam_sss.c:777
msgid "System is offline, password change not possible"
msgstr "系統已離線,不可能作密碼變更"
-#: src/sss_client/pam_sss.c:789
+#: src/sss_client/pam_sss.c:792
msgid ""
"After changing the OTP password, you need to log out and back in order to "
"acquire a ticket"
msgstr ""
-#: src/sss_client/pam_sss.c:820 src/sss_client/pam_sss.c:833
+#: src/sss_client/pam_sss.c:880 src/sss_client/pam_sss.c:893
msgid "Password change failed. "
msgstr "密碼變更失敗。"
-#: src/sss_client/pam_sss.c:823 src/sss_client/pam_sss.c:834
-msgid "Server message: "
-msgstr "伺服器訊息:"
-
-#: src/sss_client/pam_sss.c:1274
+#: src/sss_client/pam_sss.c:1336
msgid "New Password: "
msgstr "新密碼:"
-#: src/sss_client/pam_sss.c:1275
+#: src/sss_client/pam_sss.c:1337
msgid "Reenter new Password: "
msgstr "再次輸入新密碼:"
-#: src/sss_client/pam_sss.c:1374
+#: src/sss_client/pam_sss.c:1436
msgid "Password: "
msgstr "密碼:"
-#: src/sss_client/pam_sss.c:1406
+#: src/sss_client/pam_sss.c:1468
msgid "Current Password: "
msgstr "目前的密碼:"
-#: src/sss_client/pam_sss.c:1582
+#: src/sss_client/pam_sss.c:1644
msgid "Password expired. Change your password now."
msgstr "密碼已過期。請立刻變更您的密碼。"
diff --git a/src/man/po/br.po b/src/man/po/br.po
index 4e848456b..8fde63194 100644
--- a/src/man/po/br.po
+++ b/src/man/po/br.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sssd-docs 1.12.2\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2015-02-18 16:52+0100\n"
+"POT-Creation-Date: 2015-06-12 10:36+0200\n"
"PO-Revision-Date: 2014-06-04 02:04-0400\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Breton (http://www.transifex.com/projects/p/sssd/language/"
@@ -18,7 +18,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n > 1);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#. type: Content of: <reference><title>
#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5
@@ -230,11 +230,11 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:81 sssd.conf.5.xml:571 sssd.conf.5.xml:1014
+#: sssd.conf.5.xml:81 sssd.conf.5.xml:602 sssd.conf.5.xml:1066
#: sssd-ldap.5.xml:1625 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1784
-#: sssd-ldap.5.xml:2273 sssd-ldap.5.xml:2338 sssd-ldap.5.xml:2356
+#: sssd-ldap.5.xml:2324 sssd-ldap.5.xml:2389 sssd-ldap.5.xml:2407
#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:413 sssd-ad.5.xml:166 sssd-ad.5.xml:264
-#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:490
+#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:499
msgid "Default: true"
msgstr "Dre ziouer : true"
@@ -251,16 +251,16 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:94 sssd.conf.5.xml:968 sssd.conf.5.xml:2043
+#: sssd.conf.5.xml:94 sssd.conf.5.xml:1020 sssd.conf.5.xml:2095
#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1499 sssd-ldap.5.xml:1518
-#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2060 sssd-ipa.5.xml:139
-#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:257
-#: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462
+#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2111 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471
msgid "Default: false"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2081
+#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2132
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
@@ -297,7 +297,7 @@ msgid "The [sssd] section"
msgstr "Ar rann [sssd]"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:137 sssd.conf.5.xml:2127
+#: sssd.conf.5.xml:137 sssd.conf.5.xml:2179
msgid "Section parameters"
msgstr "Arventennoù ar rann"
@@ -366,7 +366,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:193 sssd.conf.5.xml:1826
+#: sssd.conf.5.xml:193 sssd.conf.5.xml:1878
msgid "re_expression (string)"
msgstr "re_expression (neudennad)"
@@ -386,12 +386,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:210 sssd.conf.5.xml:1877
+#: sssd.conf.5.xml:210 sssd.conf.5.xml:1929
msgid "full_name_format (string)"
msgstr "full_name_format (neudennad)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:213 sssd.conf.5.xml:1880
+#: sssd.conf.5.xml:213 sssd.conf.5.xml:1932
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to compose a "
@@ -399,39 +399,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:224 sssd.conf.5.xml:1891
+#: sssd.conf.5.xml:224 sssd.conf.5.xml:1943
msgid "%1$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225 sssd.conf.5.xml:1892
+#: sssd.conf.5.xml:225 sssd.conf.5.xml:1944
msgid "user name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:228 sssd.conf.5.xml:1895
+#: sssd.conf.5.xml:228 sssd.conf.5.xml:1947
msgid "%2$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:231 sssd.conf.5.xml:1898
+#: sssd.conf.5.xml:231 sssd.conf.5.xml:1950
msgid "domain name as specified in the SSSD config file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:237 sssd.conf.5.xml:1904
+#: sssd.conf.5.xml:237 sssd.conf.5.xml:1956
msgid "%3$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:240 sssd.conf.5.xml:1907
+#: sssd.conf.5.xml:240 sssd.conf.5.xml:1959
msgid ""
"domain flat name. Mostly usable for Active Directory domains, both directly "
"configured or discovered via IPA trusts."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221 sssd.conf.5.xml:1888
+#: sssd.conf.5.xml:221 sssd.conf.5.xml:1940
msgid ""
"The following expansions are supported: <placeholder type=\"variablelist\" "
"id=\"0\"/>"
@@ -550,8 +550,8 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:336 sssd-ldap.5.xml:663 sssd-ldap.5.xml:1458
#: sssd-ldap.5.xml:1470 sssd-ldap.5.xml:1552 sssd-ad.5.xml:557
-#: sssd-ad.5.xml:627 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203
-#: include/ldap_id_mapping.xml:214
+#: sssd-ad.5.xml:627 sssd-krb5.5.xml:410 sssd-krb5.5.xml:550
+#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214
msgid "Default: not set"
msgstr ""
@@ -654,18 +654,18 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:427 sssd.conf.5.xml:443 sssd.conf.5.xml:475
-#: sssd.conf.5.xml:702 sssd.conf.5.xml:888 sssd.conf.5.xml:1209
+#: sssd.conf.5.xml:733 sssd.conf.5.xml:919 sssd.conf.5.xml:1261
#: sssd-ldap.5.xml:1200
msgid "Default: 60"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:432 sssd.conf.5.xml:1198
+#: sssd.conf.5.xml:432 sssd.conf.5.xml:1250
msgid "force_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:435 sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:435 sssd.conf.5.xml:1253
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -712,41 +712,93 @@ msgid ""
"will be forced to one hour."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:480
+msgid "subdomain_inherit (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:483
+msgid ""
+"Specifies a list of configuration parameters that should be inherited by a "
+"subdomain. Please note that only selected parameters can be inherited. "
+"Currently the following options can be inherited:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:489
+msgid "ignore_group_members"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:492
+msgid "ldap_purge_cache_timeout"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:495 sssd-ldap.5.xml:1017
+msgid "ldap_use_tokengroups"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:498
+msgid "ldap_user_principal"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:503
+#, no-wrap
+msgid ""
+"subdomain_inherit = ldap_purge_cache_timeout\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:501
+msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:507 sssd.conf.5.xml:963 sssd.conf.5.xml:984
+#: sssd.conf.5.xml:1244 sssd-ldap.5.xml:1753
+msgid "Default: none"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:484
+#: sssd.conf.5.xml:515
msgid "NSS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:486
+#: sssd.conf.5.xml:517
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:491
+#: sssd.conf.5.xml:522
msgid "enum_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:494
+#: sssd.conf.5.xml:525
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:498
+#: sssd.conf.5.xml:529
msgid "Default: 120"
msgstr "Dre ziouer : 120"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:503
+#: sssd.conf.5.xml:534
msgid "entry_cache_nowait_percentage (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:506
+#: sssd.conf.5.xml:537
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -754,7 +806,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:512
+#: sssd.conf.5.xml:543
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -764,7 +816,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:553
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -773,17 +825,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:561
msgid "Default: 50"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:535
+#: sssd.conf.5.xml:566
msgid "entry_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:538
+#: sssd.conf.5.xml:569
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -791,17 +843,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:544 sssd.conf.5.xml:992
+#: sssd.conf.5.xml:575 sssd.conf.5.xml:1044
msgid "Default: 15"
msgstr "Dre ziouer : 15"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:549
+#: sssd.conf.5.xml:580
msgid "filter_users, filter_groups (string)"
msgstr "filter_users, filter_groups (neudennad)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:552
+#: sssd.conf.5.xml:583
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -810,41 +862,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:559
+#: sssd.conf.5.xml:590
msgid "Default: root"
msgstr "Dre zoiuer : root"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:564
+#: sssd.conf.5.xml:595
msgid "filter_users_in_groups (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:598
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:609
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:612
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586
+#: sssd.conf.5.xml:617
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:592
+#: sssd.conf.5.xml:623
#, no-wrap
msgid ""
"fallback_homedir = /home/%u\n"
@@ -852,22 +904,23 @@ msgid ""
msgstr ""
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:590 include/override_homedir.xml:55
+#: sssd.conf.5.xml:621 sssd.conf.5.xml:978 sssd-krb5.5.xml:533
+#: include/override_homedir.xml:55
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596
+#: sssd.conf.5.xml:627
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:633
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:636
msgid ""
"Override the login shell for all users. This option supersedes any other "
"shell options if it takes effect and can be set either in the [nss] section "
@@ -875,47 +928,47 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:611
+#: sssd.conf.5.xml:642
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:617
+#: sssd.conf.5.xml:648
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:620
+#: sssd.conf.5.xml:651
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:654
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:627
+#: sssd.conf.5.xml:658
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:632
+#: sssd.conf.5.xml:663
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:637
+#: sssd.conf.5.xml:668
msgid "The wildcard (*) can be used to allow any shell."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:640
+#: sssd.conf.5.xml:671
msgid ""
"The (*) is useful if you want to use shell_fallback in case that user's "
"shell is not in <quote>/etc/shells</quote> and maintaining list of all "
@@ -923,103 +976,103 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:647
+#: sssd.conf.5.xml:678
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:650
+#: sssd.conf.5.xml:681
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:654
+#: sssd.conf.5.xml:685
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:659
+#: sssd.conf.5.xml:690
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:662
+#: sssd.conf.5.xml:693
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:667
+#: sssd.conf.5.xml:698
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:670
+#: sssd.conf.5.xml:701
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:705
msgid "Default: /bin/sh"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:679
+#: sssd.conf.5.xml:710
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:682
+#: sssd.conf.5.xml:713
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option can be specified globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:719
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:695 sssd.conf.5.xml:881
+#: sssd.conf.5.xml:726 sssd.conf.5.xml:912
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:698 sssd.conf.5.xml:884
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:915
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:707
+#: sssd.conf.5.xml:738
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710
+#: sssd.conf.5.xml:741
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:714 sssd-ldap.5.xml:706
+#: sssd.conf.5.xml:745 sssd-ldap.5.xml:706
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:719 sssd-ifp.5.xml:74
+#: sssd.conf.5.xml:750 sssd-ifp.5.xml:74
msgid "user_attributes (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:722
+#: sssd.conf.5.xml:753
msgid ""
"Some of the additional NSS responder requests can return more attributes "
"than just the POSIX ones defined by the NSS interface. The list of "
@@ -1030,72 +1083,72 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:735
+#: sssd.conf.5.xml:766
msgid ""
"To make configuration more easy the NSS responder will check the InfoPipe "
"option if it is not set for the NSS responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:740
+#: sssd.conf.5.xml:771
msgid "Default: not set, fallback to InfoPipe option"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:747
+#: sssd.conf.5.xml:778
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:749
+#: sssd.conf.5.xml:780
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:785
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:757
+#: sssd.conf.5.xml:788
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:762 sssd.conf.5.xml:775
+#: sssd.conf.5.xml:793 sssd.conf.5.xml:806
msgid "Default: 0 (No limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:768
+#: sssd.conf.5.xml:799
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:771
+#: sssd.conf.5.xml:802
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:781
+#: sssd.conf.5.xml:812
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:784
+#: sssd.conf.5.xml:815
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:789
+#: sssd.conf.5.xml:820
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -1103,59 +1156,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:795 sssd.conf.5.xml:848
+#: sssd.conf.5.xml:826 sssd.conf.5.xml:879
msgid "Default: 5"
msgstr "Dre zoiuer : 5"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:832
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:835
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:809
+#: sssd.conf.5.xml:840
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:843
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:815
+#: sssd.conf.5.xml:846
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
+#: sssd.conf.5.xml:850
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:822
+#: sssd.conf.5.xml:853
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:826 sssd.8.xml:63
+#: sssd.conf.5.xml:857 sssd.8.xml:63
msgid "Default: 1"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:831
+#: sssd.conf.5.xml:862
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:865
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1163,7 +1216,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:840
+#: sssd.conf.5.xml:871
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1172,17 +1225,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:854
+#: sssd.conf.5.xml:885
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:857 sssd.conf.5.xml:1390
+#: sssd.conf.5.xml:888 sssd.conf.5.xml:1442
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:860
+#: sssd.conf.5.xml:891
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1190,31 +1243,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:866 sssd.conf.5.xml:1393
+#: sssd.conf.5.xml:897 sssd.conf.5.xml:1445
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:871
+#: sssd.conf.5.xml:902
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876 sssd.8.xml:79
+#: sssd.conf.5.xml:907 sssd.8.xml:79
msgid "Default: 0"
msgstr "Dre ziouer : 0"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:893
+#: sssd.conf.5.xml:924
msgid "pam_trusted_users (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:896
+#: sssd.conf.5.xml:927
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAM responder. User names are resolved to UIDs at "
@@ -1222,59 +1275,75 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:902
+#: sssd.conf.5.xml:933
msgid "Default: all (All users are allowed to access the PAM responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:906
+#: sssd.conf.5.xml:937
msgid ""
"Please note that UID 0 is always allowed to access the PAM responder even in "
"case it is not in the pam_trusted_users list."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:913
+#: sssd.conf.5.xml:944
msgid "pam_public_domains (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:947
msgid ""
"Specifies the comma-separated list of domain names that are accessible even "
"to untrusted users."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:920
+#: sssd.conf.5.xml:951
msgid "Two special values for pam_public_domains option are defined:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:955
msgid ""
"all (Untrusted users are allowed to access all domains in PAM responder.)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:959
msgid ""
"none (Untrusted users are not allowed to access any domains PAM in "
"responder.)"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:932 sssd.conf.5.xml:1192 sssd-ldap.5.xml:1753
-msgid "Default: none"
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:968
+msgid "pam_account_expired_message (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:971
+msgid ""
+"If user is authenticating using SSH keys and account is expired then by "
+"default 'Permission denied' is output. This output will be changed to "
+"content of this variable if it is set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:980
+#, no-wrap
+msgid ""
+"pam_account_expired_message = Account expired, please call help desk.\n"
+" "
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:941
+#: sssd.conf.5.xml:993
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:943
+#: sssd.conf.5.xml:995
msgid ""
"These options can be used to configure the sudo service. The detailed "
"instructions for configuration of <citerefentry> <refentrytitle>sudo</"
@@ -1285,34 +1354,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:1012
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:1015
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1028
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:978
+#: sssd.conf.5.xml:1030
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1034
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:985
+#: sssd.conf.5.xml:1037
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1320,51 +1389,51 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1001
+#: sssd.conf.5.xml:1053
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1003
+#: sssd.conf.5.xml:1055
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1007
+#: sssd.conf.5.xml:1059
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1010
+#: sssd.conf.5.xml:1062
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1019
+#: sssd.conf.5.xml:1071
msgid "ssh_known_hosts_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1022
+#: sssd.conf.5.xml:1074
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1026
+#: sssd.conf.5.xml:1078
msgid "Default: 180"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1086
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1036
+#: sssd.conf.5.xml:1088
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1376,7 +1445,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1045
+#: sssd.conf.5.xml:1097
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"determined with the help of the SID, trusted domains will have UPGs and the "
@@ -1387,24 +1456,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1053
+#: sssd.conf.5.xml:1105
msgid ""
"If there are SIDs of groups from domains sssd knows about, the user will be "
"added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1111
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1063 sssd-ifp.5.xml:50
+#: sssd.conf.5.xml:1115 sssd-ifp.5.xml:50
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1066
+#: sssd.conf.5.xml:1118
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1412,12 +1481,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1072
+#: sssd.conf.5.xml:1124
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1076
+#: sssd.conf.5.xml:1128
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1426,24 +1495,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1142
msgid "DOMAIN SECTIONS"
msgstr "RANNOÙ DOMANI"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1149
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1100
+#: sssd.conf.5.xml:1152
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:1157
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1452,47 +1521,47 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1112
+#: sssd.conf.5.xml:1164
msgid ""
"These ID limits affect even saving entries to cache, not only returning them "
"by name or ID."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1116
+#: sssd.conf.5.xml:1168
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1122
+#: sssd.conf.5.xml:1174
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1125
+#: sssd.conf.5.xml:1177
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1181
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1132
+#: sssd.conf.5.xml:1184
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1135 sssd.conf.5.xml:1367 sssd.conf.5.xml:1476
-#: sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1187 sssd.conf.5.xml:1419 sssd.conf.5.xml:1528
+#: sssd.conf.5.xml:1545
msgid "Default: FALSE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138
+#: sssd.conf.5.xml:1190
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1504,14 +1573,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1151
+#: sssd.conf.5.xml:1203
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1156
+#: sssd.conf.5.xml:1208
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1520,39 +1589,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1164
+#: sssd.conf.5.xml:1216
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1172
+#: sssd.conf.5.xml:1224
msgid "subdomain_enumerate (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1179
+#: sssd.conf.5.xml:1231
msgid "all"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1180
+#: sssd.conf.5.xml:1232
msgid "All discovered trusted domains will be enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1183
+#: sssd.conf.5.xml:1235
msgid "none"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:1236
msgid "No discovered trusted domains will be enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1175
+#: sssd.conf.5.xml:1227
msgid ""
"Whether any of autodetected trusted domains should be enumerated. The "
"supported values are: <placeholder type=\"variablelist\" id=\"0\"/> "
@@ -1561,19 +1630,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1215
+#: sssd.conf.5.xml:1267
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1218
+#: sssd.conf.5.xml:1270
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1222
+#: sssd.conf.5.xml:1274
msgid ""
"The cache expiration timestamps are stored as attributes of individual "
"objects in the cache. Therefore, changing the cache timeout only has effect "
@@ -1584,150 +1653,151 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1235
+#: sssd.conf.5.xml:1287
msgid "Default: 5400"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1241
+#: sssd.conf.5.xml:1293
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1244
+#: sssd.conf.5.xml:1296
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248 sssd.conf.5.xml:1261 sssd.conf.5.xml:1274
-#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1300 sssd.conf.5.xml:1314
-#: sssd.conf.5.xml:1328
+#: sssd.conf.5.xml:1300 sssd.conf.5.xml:1313 sssd.conf.5.xml:1326
+#: sssd.conf.5.xml:1339 sssd.conf.5.xml:1352 sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1380
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1306
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1257
+#: sssd.conf.5.xml:1309
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1267
+#: sssd.conf.5.xml:1319
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1270
+#: sssd.conf.5.xml:1322
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1280
+#: sssd.conf.5.xml:1332
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1335
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1345
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1348
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1358
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1309
+#: sssd.conf.5.xml:1361
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1320
+#: sssd.conf.5.xml:1372
msgid "entry_cache_ssh_host_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1375
msgid ""
"How many seconds to keep a host ssh key after refresh. IE how long to cache "
"the host key for."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1334
+#: sssd.conf.5.xml:1386
msgid "refresh_expired_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1337
+#: sssd.conf.5.xml:1389
msgid ""
"Specifies how many seconds SSSD has to wait before triggering a background "
"refresh task which will refresh all expired or nearly expired records."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1342
-msgid "Currently only refreshing expired netgroups is supported."
+#: sssd.conf.5.xml:1394
+msgid ""
+"The background refresh will process users, groups and netgroups in the cache."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1398
msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350 sssd-ipa.5.xml:224
+#: sssd.conf.5.xml:1402 sssd-ipa.5.xml:224
msgid "Default: 0 (disabled)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1356
+#: sssd.conf.5.xml:1408
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1411
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1363
+#: sssd.conf.5.xml:1415
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1372
+#: sssd.conf.5.xml:1424
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1427
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1736,17 +1806,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1382
+#: sssd.conf.5.xml:1434
msgid "Default: 0 (unlimited)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1387
+#: sssd.conf.5.xml:1439
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1398
+#: sssd.conf.5.xml:1450
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1755,33 +1825,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1405
+#: sssd.conf.5.xml:1457
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1411
+#: sssd.conf.5.xml:1463
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1414
+#: sssd.conf.5.xml:1466
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1418
+#: sssd.conf.5.xml:1470
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1421 sssd.conf.5.xml:1539
+#: sssd.conf.5.xml:1473 sssd.conf.5.xml:1591
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1425
+#: sssd.conf.5.xml:1477
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1789,8 +1859,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433 sssd.conf.5.xml:1519 sssd.conf.5.xml:1574
-#: sssd.conf.5.xml:1627
+#: sssd.conf.5.xml:1485 sssd.conf.5.xml:1571 sssd.conf.5.xml:1626
+#: sssd.conf.5.xml:1679
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1799,8 +1869,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1442 sssd.conf.5.xml:1528 sssd.conf.5.xml:1583
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1494 sssd.conf.5.xml:1580 sssd.conf.5.xml:1635
+#: sssd.conf.5.xml:1688
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1808,19 +1878,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1505
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1508
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1461
+#: sssd.conf.5.xml:1513
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1829,7 +1899,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1521
msgid ""
"NOTE: This option has no effect on netgroup lookups due to their tendency to "
"include nested netgroups without qualified names. For netgroups, all domains "
@@ -1837,17 +1907,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1533
msgid "ignore_group_members (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1536
msgid "Do not return group members for group lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1487
+#: sssd.conf.5.xml:1539
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1855,19 +1925,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1550
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1501
+#: sssd.conf.5.xml:1553
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505 sssd.conf.5.xml:1567
+#: sssd.conf.5.xml:1557 sssd.conf.5.xml:1619
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1875,7 +1945,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1512
+#: sssd.conf.5.xml:1564
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1883,30 +1953,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1588
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1595
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1546
+#: sssd.conf.5.xml:1598
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1604
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1607
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1914,19 +1984,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1613
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1616
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1591
+#: sssd.conf.5.xml:1643
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1935,24 +2005,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1650
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1603
+#: sssd.conf.5.xml:1655
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1606
+#: sssd.conf.5.xml:1658
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1611
+#: sssd.conf.5.xml:1663
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1960,7 +2030,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1671
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1968,35 +2038,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1696
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1700
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1651
+#: sssd.conf.5.xml:1703
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1710
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1661
+#: sssd.conf.5.xml:1713
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1665
+#: sssd.conf.5.xml:1717
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2004,32 +2074,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1725
msgid ""
"<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default "
"settings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1729
msgid ""
"<quote>ad</quote> the same as <quote>ldap</quote> but with AD default "
"settings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1681
+#: sssd.conf.5.xml:1733
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1684 sssd.conf.5.xml:1762 sssd.conf.5.xml:1794
-#: sssd.conf.5.xml:1819
+#: sssd.conf.5.xml:1736 sssd.conf.5.xml:1814 sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1871
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1688
+#: sssd.conf.5.xml:1740
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -2040,12 +2110,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1757
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1760
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -2053,7 +2123,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1714
+#: sssd.conf.5.xml:1766
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2061,31 +2131,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1722
+#: sssd.conf.5.xml:1774
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1725
+#: sssd.conf.5.xml:1777
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1731
+#: sssd.conf.5.xml:1783
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1734
+#: sssd.conf.5.xml:1786
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740
+#: sssd.conf.5.xml:1792
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2093,7 +2163,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1749
+#: sssd.conf.5.xml:1801
msgid ""
"<quote>ad</quote> to load a list of subdomains from an Active Directory "
"server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> "
@@ -2102,23 +2172,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1810
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1769
+#: sssd.conf.5.xml:1821
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1772
+#: sssd.conf.5.xml:1824
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1828
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2126,7 +2196,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1783
+#: sssd.conf.5.xml:1835
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2134,24 +2204,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1843
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1853
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1804
+#: sssd.conf.5.xml:1856
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1808
+#: sssd.conf.5.xml:1860
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2159,12 +2229,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1816
+#: sssd.conf.5.xml:1868
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1829
+#: sssd.conf.5.xml:1881
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components. The \"domain\" can "
@@ -2174,7 +2244,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1838
+#: sssd.conf.5.xml:1890
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -2183,29 +2253,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1843
+#: sssd.conf.5.xml:1895
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1898
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1849
+#: sssd.conf.5.xml:1901
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1852
+#: sssd.conf.5.xml:1904
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1857
+#: sssd.conf.5.xml:1909
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -2213,7 +2283,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1863
+#: sssd.conf.5.xml:1915
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -2221,66 +2291,66 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1870
+#: sssd.conf.5.xml:1922
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1917
+#: sssd.conf.5.xml:1969
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1923
+#: sssd.conf.5.xml:1975
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1926
+#: sssd.conf.5.xml:1978
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1930
+#: sssd.conf.5.xml:1982
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1933
+#: sssd.conf.5.xml:1985
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1936
+#: sssd.conf.5.xml:1988
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1939
+#: sssd.conf.5.xml:1991
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1942
+#: sssd.conf.5.xml:1994
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1945
+#: sssd.conf.5.xml:1997
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1951
+#: sssd.conf.5.xml:2003
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1954
+#: sssd.conf.5.xml:2006
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -2288,70 +2358,70 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1960 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
-#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:239
+#: sssd.conf.5.xml:2012 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
+#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:248
msgid "Default: 6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1966
+#: sssd.conf.5.xml:2018
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1969
+#: sssd.conf.5.xml:2021
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1973
+#: sssd.conf.5.xml:2025
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1979
+#: sssd.conf.5.xml:2031
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1982
+#: sssd.conf.5.xml:2034
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1988
+#: sssd.conf.5.xml:2040
msgid "case_sensitive (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1996
+#: sssd.conf.5.xml:2048
msgid "True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1999
+#: sssd.conf.5.xml:2051
msgid "Case sensitive. This value is invalid for AD provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2005
+#: sssd.conf.5.xml:2057
msgid "False"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2007
+#: sssd.conf.5.xml:2059
msgid "Case insensitive."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2011
+#: sssd.conf.5.xml:2063
msgid "Preserving"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2014
+#: sssd.conf.5.xml:2066
msgid ""
"Same as False (case insensitive), but does not lowercase names in the result "
"of NSS operations. Note that name aliases (and in case of services also "
@@ -2359,7 +2429,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1991
+#: sssd.conf.5.xml:2043
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider. Possible option values are: "
@@ -2367,17 +2437,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2026
+#: sssd.conf.5.xml:2078
msgid "Default: True (False for AD provider)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2032
+#: sssd.conf.5.xml:2084
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2035
+#: sssd.conf.5.xml:2087
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2386,22 +2456,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2049
+#: sssd.conf.5.xml:2101
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2060
+#: sssd.conf.5.xml:2112
msgid "%F"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2061
+#: sssd.conf.5.xml:2113
msgid "flat (NetBIOS) name of a subdomain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2052
+#: sssd.conf.5.xml:2104
msgid ""
"Use this homedir as default value for all subdomains within this domain in "
"IPA AD trust. See <emphasis>override_homedir</emphasis> for info about "
@@ -2411,29 +2481,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2066
+#: sssd.conf.5.xml:2118
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2070
+#: sssd.conf.5.xml:2122
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2075
+#: sssd.conf.5.xml:2127
msgid "realmd_tags (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2078
+#: sssd.conf.5.xml:2130
msgid ""
"Various tags stored by the realmd configuration service for this domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1092
+#: sssd.conf.5.xml:1144
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2441,29 +2511,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2091
+#: sssd.conf.5.xml:2143
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2094
+#: sssd.conf.5.xml:2146
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2097
+#: sssd.conf.5.xml:2149
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2105
+#: sssd.conf.5.xml:2157
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2108
+#: sssd.conf.5.xml:2160
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2471,19 +2541,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2087
+#: sssd.conf.5.xml:2139
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:2120
+#: sssd.conf.5.xml:2172
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:2122
+#: sssd.conf.5.xml:2174
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2491,73 +2561,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2129
+#: sssd.conf.5.xml:2181
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2132
+#: sssd.conf.5.xml:2184
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2136
+#: sssd.conf.5.xml:2188
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2141
+#: sssd.conf.5.xml:2193
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2144
+#: sssd.conf.5.xml:2196
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2149
+#: sssd.conf.5.xml:2201
msgid "Default: <filename>/home</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2154
+#: sssd.conf.5.xml:2206
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2157
+#: sssd.conf.5.xml:2209
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2173
+#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2225
msgid "Default: TRUE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2166
+#: sssd.conf.5.xml:2218
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2169
+#: sssd.conf.5.xml:2221
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2178
+#: sssd.conf.5.xml:2230
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2181
+#: sssd.conf.5.xml:2233
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2565,17 +2635,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2189
+#: sssd.conf.5.xml:2241
msgid "Default: 077"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2194
+#: sssd.conf.5.xml:2246
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2197
+#: sssd.conf.5.xml:2249
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2584,17 +2654,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2207
+#: sssd.conf.5.xml:2259
msgid "Default: <filename>/etc/skel</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2212
+#: sssd.conf.5.xml:2264
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2215
+#: sssd.conf.5.xml:2267
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2602,17 +2672,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2222
+#: sssd.conf.5.xml:2274
msgid "Default: <filename>/var/mail</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2227
+#: sssd.conf.5.xml:2279
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2230
+#: sssd.conf.5.xml:2282
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2620,19 +2690,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2236
+#: sssd.conf.5.xml:2288
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:2246 sssd-ldap.5.xml:2518 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:519
+#: sssd.conf.5.xml:2298 sssd-ldap.5.xml:2569 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:564
#: sss_rpcidmapd.5.xml:98
msgid "EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:2252
+#: sssd.conf.5.xml:2304
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2662,7 +2732,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2248
+#: sssd.conf.5.xml:2300
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -3501,7 +3571,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:738 sssd-ldap.5.xml:831 sssd-ldap.5.xml:1058
-#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2102 sssd-ldap.5.xml:2441
+#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2153 sssd-ldap.5.xml:2492
#: sssd-ipa.5.xml:591
msgid "Default: cn"
msgstr ""
@@ -3782,11 +3852,6 @@ msgid ""
"dealing with complex or deep nested groups)."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1017
-msgid "ldap_use_tokengroups"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1020
msgid ""
@@ -4021,7 +4086,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2259
+#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2310
msgid "Default: 900 (15 minutes)"
msgstr ""
@@ -4472,7 +4537,7 @@ msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:453
+#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:462
msgid "krb5_canonicalize (boolean)"
msgstr ""
@@ -4484,12 +4549,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:468
+#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:477
msgid "krb5_use_kdcinfo (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:471
+#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:480
msgid ""
"Specifies if the SSSD should instruct the Kerberos libraries what realm and "
"which KDCs to use. This option is on by default, if you disable it, you need "
@@ -4499,7 +4564,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:482
+#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:491
msgid ""
"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
@@ -4767,40 +4832,93 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1958
+msgid ""
+"<emphasis> Please note that this option is superseded by the <quote>ppolicy</"
+"quote> option and might be removed in a future release. </emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1965
+msgid ""
+"<emphasis>ppolicy</emphasis>: use account locking. If set, this option "
+"denies access in case that ldap attribute 'pwdAccountLockedTime' is present "
+"and has value of '000001010000Z' or represents any time in the past. The "
+"value of the 'pwdAccountLockedTime' attribute must end with 'Z', which "
+"denotes the UTC time zone. Other time zones are not currently supported and "
+"will result in \"access-denied\" when users attempt to log in. Please see "
+"the option ldap_pwdlockout_dn. Please note that 'access_provider = ldap' "
+"must be set for this feature to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1982
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1962
+#: sssd-ldap.5.xml:1986
+msgid ""
+"<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, "
+"pwd_expire_policy_renew: </emphasis> These options are useful if users are "
+"interested in being warned that password is about to expire and "
+"authentication is based on using a different method than passwords - for "
+"example SSH keys."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1996
+msgid ""
+"The difference between these options is the action taken if user password is "
+"expired: pwd_expire_policy_reject - user is denied to log in, "
+"pwd_expire_policy_warn - user is still able to log in, "
+"pwd_expire_policy_renew - user is prompted to change his password "
+"immediately."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2004
+msgid ""
+"Note If user password is expired no explicit message is prompted by SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2008
+msgid ""
+"Please note that 'access_provider = ldap' must be set for this feature to "
+"work. Also 'ldap_pwd_policy' must be set to an appropriate password policy."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2013
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2018
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1971
+#: sssd-ldap.5.xml:2022
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1974
+#: sssd-ldap.5.xml:2025
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1981
+#: sssd-ldap.5.xml:2032
msgid "ldap_pwdlockout_dn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2035
msgid ""
"This option specifies the DN of password policy entry on LDAP server. Please "
"note that absence of this option in sssd.conf in case of enabled account "
@@ -4809,74 +4927,74 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1992
+#: sssd-ldap.5.xml:2043
msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1995
+#: sssd-ldap.5.xml:2046
msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2001
+#: sssd-ldap.5.xml:2052
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2004
+#: sssd-ldap.5.xml:2055
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2009
+#: sssd-ldap.5.xml:2060
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013
+#: sssd-ldap.5.xml:2064
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018
+#: sssd-ldap.5.xml:2069
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2023
+#: sssd-ldap.5.xml:2074
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2028
+#: sssd-ldap.5.xml:2079
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2036
+#: sssd-ldap.5.xml:2087
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2039
+#: sssd-ldap.5.xml:2090
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2094
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -4887,7 +5005,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2054
+#: sssd-ldap.5.xml:2105
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -4905,12 +5023,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2070
+#: sssd-ldap.5.xml:2121
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2123
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -4918,208 +5036,208 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2083
+#: sssd-ldap.5.xml:2134
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2086
+#: sssd-ldap.5.xml:2137
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2089
+#: sssd-ldap.5.xml:2140
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2095
+#: sssd-ldap.5.xml:2146
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2098
+#: sssd-ldap.5.xml:2149
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2108
+#: sssd-ldap.5.xml:2159
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2111
+#: sssd-ldap.5.xml:2162
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2166
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2172
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2124
+#: sssd-ldap.5.xml:2175
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2129
+#: sssd-ldap.5.xml:2180
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2186
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2138
+#: sssd-ldap.5.xml:2189
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2193
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2148
+#: sssd-ldap.5.xml:2199
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2202
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2155
+#: sssd-ldap.5.xml:2206
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2161
+#: sssd-ldap.5.xml:2212
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2215
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2168
+#: sssd-ldap.5.xml:2219
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2174
+#: sssd-ldap.5.xml:2225
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2228
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2181
+#: sssd-ldap.5.xml:2232
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2187
+#: sssd-ldap.5.xml:2238
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2241
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194
+#: sssd-ldap.5.xml:2245
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2200
+#: sssd-ldap.5.xml:2251
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2203
+#: sssd-ldap.5.xml:2254
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2259
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2214
+#: sssd-ldap.5.xml:2265
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2217
+#: sssd-ldap.5.xml:2268
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2221
+#: sssd-ldap.5.xml:2272
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2227
+#: sssd-ldap.5.xml:2278
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2230
+#: sssd-ldap.5.xml:2281
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2235
+#: sssd-ldap.5.xml:2286
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2240
+#: sssd-ldap.5.xml:2291
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2246
+#: sssd-ldap.5.xml:2297
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2249
+#: sssd-ldap.5.xml:2300
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -5127,101 +5245,101 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2255
+#: sssd-ldap.5.xml:2306
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2265
+#: sssd-ldap.5.xml:2316
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2268
+#: sssd-ldap.5.xml:2319
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2279
+#: sssd-ldap.5.xml:2330
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2333
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2287
+#: sssd-ldap.5.xml:2338
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2292 sssd-ldap.5.xml:2315 sssd-ldap.5.xml:2333
-#: sssd-ldap.5.xml:2351
+#: sssd-ldap.5.xml:2343 sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2402
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2320
+#: sssd-ldap.5.xml:2348 sssd-ldap.5.xml:2371
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2303
+#: sssd-ldap.5.xml:2354
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2306
+#: sssd-ldap.5.xml:2357
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2311
+#: sssd-ldap.5.xml:2362
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2326
+#: sssd-ldap.5.xml:2377
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2329
+#: sssd-ldap.5.xml:2380
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2344
+#: sssd-ldap.5.xml:2395
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2347
+#: sssd-ldap.5.xml:2398
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2363
+#: sssd-ldap.5.xml:2414
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -5230,91 +5348,91 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2373
+#: sssd-ldap.5.xml:2424
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2375
+#: sssd-ldap.5.xml:2426
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2381
+#: sssd-ldap.5.xml:2432
msgid "ldap_autofs_map_master_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2435
msgid "The name of the automount master map in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2387
+#: sssd-ldap.5.xml:2438
msgid "Default: auto.master"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2394
+#: sssd-ldap.5.xml:2445
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2397 sssd-ldap.5.xml:2423
+#: sssd-ldap.5.xml:2448 sssd-ldap.5.xml:2474
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2400 sssd-ldap.5.xml:2427
+#: sssd-ldap.5.xml:2451 sssd-ldap.5.xml:2478
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2407
+#: sssd-ldap.5.xml:2458
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2410
+#: sssd-ldap.5.xml:2461
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2413
+#: sssd-ldap.5.xml:2464
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2420
+#: sssd-ldap.5.xml:2471
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2434
+#: sssd-ldap.5.xml:2485
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2437 sssd-ldap.5.xml:2451
+#: sssd-ldap.5.xml:2488 sssd-ldap.5.xml:2502
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2448
+#: sssd-ldap.5.xml:2499
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2455
+#: sssd-ldap.5.xml:2506
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2379
+#: sssd-ldap.5.xml:2430
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -5323,32 +5441,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2465
+#: sssd-ldap.5.xml:2516
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2472
+#: sssd-ldap.5.xml:2523
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2477
+#: sssd-ldap.5.xml:2528
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2482
+#: sssd-ldap.5.xml:2533
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note>
-#: sssd-ldap.5.xml:2487
+#: sssd-ldap.5.xml:2538
msgid "<note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para>
-#: sssd-ldap.5.xml:2489
+#: sssd-ldap.5.xml:2540
msgid ""
"If the option <quote>ldap_use_tokengroups</quote> is enabled. The searches "
"against Active Directory will not be restricted and return all groups "
@@ -5357,22 +5475,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist>
-#: sssd-ldap.5.xml:2496
+#: sssd-ldap.5.xml:2547
msgid "</note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2498
+#: sssd-ldap.5.xml:2549
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2503
+#: sssd-ldap.5.xml:2554
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2467
+#: sssd-ldap.5.xml:2518
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -5381,7 +5499,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2520
+#: sssd-ldap.5.xml:2571
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -5389,7 +5507,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2526
+#: sssd-ldap.5.xml:2577
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5402,26 +5520,26 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2525 sssd-ldap.5.xml:2543 sssd-simple.5.xml:139
+#: sssd-ldap.5.xml:2576 sssd-ldap.5.xml:2594 sssd-simple.5.xml:139
#: sssd-ipa.5.xml:726 sssd-ad.5.xml:851 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98
-#: sssd-krb5.5.xml:528 include/ldap_id_mapping.xml:105
+#: sssd-krb5.5.xml:573 include/ldap_id_mapping.xml:105
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2537
+#: sssd-ldap.5.xml:2588
msgid "LDAP ACCESS FILTER EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2539
+#: sssd-ldap.5.xml:2590
msgid ""
"The following example assumes that SSSD is correctly configured and to use "
"the ldap_access_order=lockout."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2544
+#: sssd-ldap.5.xml:2595
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5437,13 +5555,13 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2559 sssd_krb5_locator_plugin.8.xml:61
+#: sssd-ldap.5.xml:2610 sssd_krb5_locator_plugin.8.xml:61
#: sssd-simple.5.xml:148 sssd-ad.5.xml:866 sssd.8.xml:195 sss_seed.8.xml:163
msgid "NOTES"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2561
+#: sssd-ldap.5.xml:2612
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -6203,7 +6321,7 @@ msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:245
+#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:254
msgid "krb5_validate (boolean)"
msgstr ""
@@ -6244,12 +6362,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:407
+#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:416
msgid "krb5_use_fast (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:410
+#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:419
msgid ""
"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
"authentication. The following options are supported:"
@@ -6269,7 +6387,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:424
+#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:433
msgid ""
"<emphasis>demand</emphasis> to use FAST. The authentication fails if the "
"server does not require fast."
@@ -6281,7 +6399,7 @@ msgid "Default: try"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:435
+#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:444
msgid ""
"NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If "
"SSSD is used with an older version of MIT Kerberos, using this option is a "
@@ -7367,12 +7485,12 @@ msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:797 sssd-krb5.5.xml:496
+#: sssd-ad.5.xml:797 sssd-krb5.5.xml:505
msgid "krb5_use_enterprise_principal (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:800 sssd-krb5.5.xml:499
+#: sssd-ad.5.xml:800 sssd-krb5.5.xml:508
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
@@ -8315,16 +8433,24 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:225
+msgid ""
+"NOTE: Please be aware that libkrb5 ccache expansion template from "
+"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> uses different expansion sequences than SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:234
msgid "Default: (from libkrb5)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:231
+#: sssd-krb5.5.xml:240
msgid "krb5_auth_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:234
+#: sssd-krb5.5.xml:243
msgid ""
"Timeout in seconds after an online authentication request or change password "
"request is aborted. If possible, the authentication request is continued "
@@ -8332,7 +8458,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:248
+#: sssd-krb5.5.xml:257
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed. The keytab is checked for entries sequentially, and the first entry "
@@ -8343,36 +8469,36 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:263
+#: sssd-krb5.5.xml:272
msgid "krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:275
msgid ""
"The location of the keytab to use when validating credentials obtained from "
"KDCs."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:270
+#: sssd-krb5.5.xml:279
msgid "Default: /etc/krb5.keytab"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:276
+#: sssd-krb5.5.xml:285
msgid "krb5_store_password_if_offline (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:279
+#: sssd-krb5.5.xml:288
msgid ""
"Store the password of the user if the provider is offline and use it to "
"request a TGT when the provider comes online again."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:284
+#: sssd-krb5.5.xml:293
msgid ""
"NOTE: this feature is only available on Linux. Passwords stored in this way "
"are kept in plaintext in the kernel keyring and are potentially accessible "
@@ -8380,91 +8506,91 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:297
+#: sssd-krb5.5.xml:306
msgid "krb5_renewable_lifetime (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:300
+#: sssd-krb5.5.xml:309
msgid ""
"Request a renewable ticket with a total lifetime, given as an integer "
"immediately followed by a time unit:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:305 sssd-krb5.5.xml:339 sssd-krb5.5.xml:376
+#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
msgid "<emphasis>s</emphasis> for seconds"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:308 sssd-krb5.5.xml:342 sssd-krb5.5.xml:379
+#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:351 sssd-krb5.5.xml:388
msgid "<emphasis>m</emphasis> for minutes"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:311 sssd-krb5.5.xml:345 sssd-krb5.5.xml:382
+#: sssd-krb5.5.xml:320 sssd-krb5.5.xml:354 sssd-krb5.5.xml:391
msgid "<emphasis>h</emphasis> for hours"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
+#: sssd-krb5.5.xml:323 sssd-krb5.5.xml:357 sssd-krb5.5.xml:394
msgid "<emphasis>d</emphasis> for days."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:388
+#: sssd-krb5.5.xml:326 sssd-krb5.5.xml:397
msgid "If there is no unit given, <emphasis>s</emphasis> is assumed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:321 sssd-krb5.5.xml:392
+#: sssd-krb5.5.xml:330 sssd-krb5.5.xml:401
msgid ""
"NOTE: It is not possible to mix units. To set the renewable lifetime to one "
"and a half hours, use '90m' instead of '1h30m'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:326
+#: sssd-krb5.5.xml:335
msgid "Default: not set, i.e. the TGT is not renewable"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:332
+#: sssd-krb5.5.xml:341
msgid "krb5_lifetime (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:335
+#: sssd-krb5.5.xml:344
msgid ""
"Request ticket with a lifetime, given as an integer immediately followed by "
"a time unit:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:351
+#: sssd-krb5.5.xml:360
msgid "If there is no unit given <emphasis>s</emphasis> is assumed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:355
+#: sssd-krb5.5.xml:364
msgid ""
"NOTE: It is not possible to mix units. To set the lifetime to one and a "
"half hours please use '90m' instead of '1h30m'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:360
+#: sssd-krb5.5.xml:369
msgid ""
"Default: not set, i.e. the default ticket lifetime configured on the KDC."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:367
+#: sssd-krb5.5.xml:376
msgid "krb5_renew_interval (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:370
+#: sssd-krb5.5.xml:379
msgid ""
"The time in seconds between two checks if the TGT should be renewed. TGTs "
"are renewed if about half of their lifetime is exceeded, given as an integer "
@@ -8472,56 +8598,89 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:397
+#: sssd-krb5.5.xml:406
msgid "If this option is not set or is 0 the automatic renewal is disabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:415
+#: sssd-krb5.5.xml:424
msgid ""
"<emphasis>never</emphasis> use FAST. This is equivalent to not setting this "
"option at all."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:419
+#: sssd-krb5.5.xml:428
msgid ""
"<emphasis>try</emphasis> to use FAST. If the server does not support FAST, "
"continue the authentication without it."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:429
+#: sssd-krb5.5.xml:438
msgid "Default: not set, i.e. FAST is not used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:432
+#: sssd-krb5.5.xml:441
msgid "NOTE: a keytab is required to use FAST."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:444
+#: sssd-krb5.5.xml:453
msgid "krb5_fast_principal (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:447
+#: sssd-krb5.5.xml:456
msgid "Specifies the server principal to use for FAST."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:456
+#: sssd-krb5.5.xml:465
msgid ""
"Specifies if the host and user principal should be canonicalized. This "
"feature is available with MIT Kerberos 1.7 and later versions."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:505
+#: sssd-krb5.5.xml:514
msgid "Default: false (AD provider: true)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:520
+msgid "krb5_map_user (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:523
+msgid ""
+"The list of mappings is given as a comma-separated list of pairs "
+"<quote>username:primary</quote> where <quote>username</quote> is a UNIX user "
+"name and <quote>primary</quote> is a user part of a kerberos principal. This "
+"mapping is used when user is authenticating using <quote>auth_provider = "
+"krb5</quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-krb5.5.xml:535
+#, no-wrap
+msgid ""
+"krb5_realm = REALM\n"
+"krb5_map_user = joe:juser,dick:richard\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:540
+msgid ""
+"<quote>joe</quote> and <quote>dick</quote> are UNIX user names and "
+"<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos "
+"principals. For user <quote>joe</quote> resp. <quote>dick</quote> SSSD will "
+"try to kinit as <quote>juser@REALM</quote> resp. <quote>richard@REALM</"
+"quote>."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:65
msgid ""
@@ -8533,7 +8692,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:521
+#: sssd-krb5.5.xml:566
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -8542,7 +8701,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:529
+#: sssd-krb5.5.xml:574
#, no-wrap
msgid ""
" [domain/FOO]\n"
diff --git a/src/man/po/ca.po b/src/man/po/ca.po
index c18836c5a..39597a68d 100644
--- a/src/man/po/ca.po
+++ b/src/man/po/ca.po
@@ -9,14 +9,14 @@
# muzzol <muzzol@gmail.com>, 2012
# muzzol <muzzol@gmail.com>, 2012
# Robert Antoni Buj i Gelonch, 2013
-# Robert Antoni Buj Gelonch <robert.buj@gmail.com>, 2015. #zanata
+# Robert Antoni Buj Gelonch <rbuj@fedoraproject.org>, 2015. #zanata
msgid ""
msgstr ""
"Project-Id-Version: sssd-docs 1.12.2\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2015-02-18 16:52+0100\n"
+"POT-Creation-Date: 2015-06-12 10:36+0200\n"
"PO-Revision-Date: 2015-01-31 02:07-0500\n"
-"Last-Translator: Robert Antoni Buj Gelonch <robert.buj@gmail.com>\n"
+"Last-Translator: Robert Antoni Buj Gelonch <rbuj@fedoraproject.org>\n"
"Language-Team: Catalan (http://www.transifex.com/projects/p/sssd/language/"
"ca/)\n"
"Language: ca\n"
@@ -24,7 +24,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#. type: Content of: <reference><title>
#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5
@@ -259,11 +259,11 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:81 sssd.conf.5.xml:571 sssd.conf.5.xml:1014
+#: sssd.conf.5.xml:81 sssd.conf.5.xml:602 sssd.conf.5.xml:1066
#: sssd-ldap.5.xml:1625 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1784
-#: sssd-ldap.5.xml:2273 sssd-ldap.5.xml:2338 sssd-ldap.5.xml:2356
+#: sssd-ldap.5.xml:2324 sssd-ldap.5.xml:2389 sssd-ldap.5.xml:2407
#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:413 sssd-ad.5.xml:166 sssd-ad.5.xml:264
-#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:490
+#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:499
msgid "Default: true"
msgstr "Per defecte: true"
@@ -280,16 +280,16 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:94 sssd.conf.5.xml:968 sssd.conf.5.xml:2043
+#: sssd.conf.5.xml:94 sssd.conf.5.xml:1020 sssd.conf.5.xml:2095
#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1499 sssd-ldap.5.xml:1518
-#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2060 sssd-ipa.5.xml:139
-#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:257
-#: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462
+#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2111 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471
msgid "Default: false"
msgstr "Per defecte: false"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2081
+#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2132
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
@@ -326,7 +326,7 @@ msgid "The [sssd] section"
msgstr "La secció [sssd]"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:137 sssd.conf.5.xml:2127
+#: sssd.conf.5.xml:137 sssd.conf.5.xml:2179
msgid "Section parameters"
msgstr "Paràmetres de la secció"
@@ -401,7 +401,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:193 sssd.conf.5.xml:1826
+#: sssd.conf.5.xml:193 sssd.conf.5.xml:1878
msgid "re_expression (string)"
msgstr "re_expression (cadena)"
@@ -421,12 +421,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:210 sssd.conf.5.xml:1877
+#: sssd.conf.5.xml:210 sssd.conf.5.xml:1929
msgid "full_name_format (string)"
msgstr "full_name_format (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:213 sssd.conf.5.xml:1880
+#: sssd.conf.5.xml:213 sssd.conf.5.xml:1932
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to compose a "
@@ -434,39 +434,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:224 sssd.conf.5.xml:1891
+#: sssd.conf.5.xml:224 sssd.conf.5.xml:1943
msgid "%1$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225 sssd.conf.5.xml:1892
+#: sssd.conf.5.xml:225 sssd.conf.5.xml:1944
msgid "user name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:228 sssd.conf.5.xml:1895
+#: sssd.conf.5.xml:228 sssd.conf.5.xml:1947
msgid "%2$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:231 sssd.conf.5.xml:1898
+#: sssd.conf.5.xml:231 sssd.conf.5.xml:1950
msgid "domain name as specified in the SSSD config file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:237 sssd.conf.5.xml:1904
+#: sssd.conf.5.xml:237 sssd.conf.5.xml:1956
msgid "%3$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:240 sssd.conf.5.xml:1907
+#: sssd.conf.5.xml:240 sssd.conf.5.xml:1959
msgid ""
"domain flat name. Mostly usable for Active Directory domains, both directly "
"configured or discovered via IPA trusts."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221 sssd.conf.5.xml:1888
+#: sssd.conf.5.xml:221 sssd.conf.5.xml:1940
msgid ""
"The following expansions are supported: <placeholder type=\"variablelist\" "
"id=\"0\"/>"
@@ -598,8 +598,8 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:336 sssd-ldap.5.xml:663 sssd-ldap.5.xml:1458
#: sssd-ldap.5.xml:1470 sssd-ldap.5.xml:1552 sssd-ad.5.xml:557
-#: sssd-ad.5.xml:627 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203
-#: include/ldap_id_mapping.xml:214
+#: sssd-ad.5.xml:627 sssd-krb5.5.xml:410 sssd-krb5.5.xml:550
+#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214
msgid "Default: not set"
msgstr ""
@@ -712,18 +712,18 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:427 sssd.conf.5.xml:443 sssd.conf.5.xml:475
-#: sssd.conf.5.xml:702 sssd.conf.5.xml:888 sssd.conf.5.xml:1209
+#: sssd.conf.5.xml:733 sssd.conf.5.xml:919 sssd.conf.5.xml:1261
#: sssd-ldap.5.xml:1200
msgid "Default: 60"
msgstr "Per defecte: 60"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:432 sssd.conf.5.xml:1198
+#: sssd.conf.5.xml:432 sssd.conf.5.xml:1250
msgid "force_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:435 sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:435 sssd.conf.5.xml:1253
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -770,13 +770,75 @@ msgid ""
"will be forced to one hour."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:480
+#, fuzzy
+#| msgid "mail_dir (string)"
+msgid "subdomain_inherit (string)"
+msgstr "mail_dir (cadena)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:483
+msgid ""
+"Specifies a list of configuration parameters that should be inherited by a "
+"subdomain. Please note that only selected parameters can be inherited. "
+"Currently the following options can be inherited:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:489
+#, fuzzy
+#| msgid "ldap_netgroup_member (string)"
+msgid "ignore_group_members"
+msgstr "ldap_netgroup_member (cadena)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:492
+#, fuzzy
+#| msgid "ldap_search_timeout (integer)"
+msgid "ldap_purge_cache_timeout"
+msgstr "ldap_search_timeout (enter)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:495 sssd-ldap.5.xml:1017
+msgid "ldap_use_tokengroups"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:498
+#, fuzzy
+#| msgid "ldap_user_principal (string)"
+msgid "ldap_user_principal"
+msgstr "ldap_user_principal (cadena)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:503
+#, no-wrap
+msgid ""
+"subdomain_inherit = ldap_purge_cache_timeout\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:501
+#, fuzzy
+#| msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
+msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr "<placeholder type=\"programlisting\" id=\"0\"/>"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:507 sssd.conf.5.xml:963 sssd.conf.5.xml:984
+#: sssd.conf.5.xml:1244 sssd-ldap.5.xml:1753
+msgid "Default: none"
+msgstr "Per defecte: none"
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:484
+#: sssd.conf.5.xml:515
msgid "NSS configuration options"
msgstr "Opcions de configuració d'NSS"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:486
+#: sssd.conf.5.xml:517
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
@@ -784,12 +846,12 @@ msgstr ""
"servei de nom (NSS)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:491
+#: sssd.conf.5.xml:522
msgid "enum_cache_timeout (integer)"
msgstr "enum_cache_timeout (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:494
+#: sssd.conf.5.xml:525
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
@@ -798,17 +860,17 @@ msgstr ""
"(peticions d'informació sobre tots els usuaris)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:498
+#: sssd.conf.5.xml:529
msgid "Default: 120"
msgstr "Per defecte: 120"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:503
+#: sssd.conf.5.xml:534
msgid "entry_cache_nowait_percentage (integer)"
msgstr "entry_cache_nowait_percentage (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:506
+#: sssd.conf.5.xml:537
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -819,7 +881,7 @@ msgstr ""
"valor entry_cache_timeout per al domini."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:512
+#: sssd.conf.5.xml:543
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -835,7 +897,7 @@ msgstr ""
"peticions que esperen per a una actualització de la memòria cau."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:553
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -848,17 +910,17 @@ msgstr ""
"(0 desactiva aquesta característica)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:561
msgid "Default: 50"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:535
+#: sssd.conf.5.xml:566
msgid "entry_negative_timeout (integer)"
msgstr "entry_negative_timeout (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:538
+#: sssd.conf.5.xml:569
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -870,17 +932,17 @@ msgstr ""
"altra vegada."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:544 sssd.conf.5.xml:992
+#: sssd.conf.5.xml:575 sssd.conf.5.xml:1044
msgid "Default: 15"
msgstr "Per defecte: 15"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:549
+#: sssd.conf.5.xml:580
msgid "filter_users, filter_groups (string)"
msgstr "filter_users, filter_groups (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:552
+#: sssd.conf.5.xml:583
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -889,17 +951,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:559
+#: sssd.conf.5.xml:590
msgid "Default: root"
msgstr "Per defecte: root"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:564
+#: sssd.conf.5.xml:595
msgid "filter_users_in_groups (bool)"
msgstr "filter_users_in_groups (booleà)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:598
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
@@ -907,25 +969,25 @@ msgstr ""
"aquesta opció a false."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:609
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:612
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586
+#: sssd.conf.5.xml:617
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:592
+#: sssd.conf.5.xml:623
#, no-wrap
msgid ""
"fallback_homedir = /home/%u\n"
@@ -933,22 +995,23 @@ msgid ""
msgstr ""
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:590 include/override_homedir.xml:55
+#: sssd.conf.5.xml:621 sssd.conf.5.xml:978 sssd-krb5.5.xml:533
+#: include/override_homedir.xml:55
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596
+#: sssd.conf.5.xml:627
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:633
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:636
msgid ""
"Override the login shell for all users. This option supersedes any other "
"shell options if it takes effect and can be set either in the [nss] section "
@@ -956,49 +1019,49 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:611
+#: sssd.conf.5.xml:642
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:617
+#: sssd.conf.5.xml:648
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:620
+#: sssd.conf.5.xml:651
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:654
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:627
+#: sssd.conf.5.xml:658
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:632
+#: sssd.conf.5.xml:663
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:637
+#: sssd.conf.5.xml:668
#, fuzzy
#| msgid "These options can be used to configure any service."
msgid "The wildcard (*) can be used to allow any shell."
msgstr "Aquestes opcions es poden utilitzar per a configurar qualsevol servei."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:640
+#: sssd.conf.5.xml:671
msgid ""
"The (*) is useful if you want to use shell_fallback in case that user's "
"shell is not in <quote>/etc/shells</quote> and maintaining list of all "
@@ -1006,103 +1069,103 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:647
+#: sssd.conf.5.xml:678
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:650
+#: sssd.conf.5.xml:681
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:654
+#: sssd.conf.5.xml:685
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:659
+#: sssd.conf.5.xml:690
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:662
+#: sssd.conf.5.xml:693
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:667
+#: sssd.conf.5.xml:698
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:670
+#: sssd.conf.5.xml:701
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:705
msgid "Default: /bin/sh"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:679
+#: sssd.conf.5.xml:710
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:682
+#: sssd.conf.5.xml:713
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option can be specified globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:719
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:695 sssd.conf.5.xml:881
+#: sssd.conf.5.xml:726 sssd.conf.5.xml:912
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:698 sssd.conf.5.xml:884
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:915
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:707
+#: sssd.conf.5.xml:738
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710
+#: sssd.conf.5.xml:741
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:714 sssd-ldap.5.xml:706
+#: sssd.conf.5.xml:745 sssd-ldap.5.xml:706
msgid "Default: 300"
msgstr "Per defecte: 300"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:719 sssd-ifp.5.xml:74
+#: sssd.conf.5.xml:750 sssd-ifp.5.xml:74
msgid "user_attributes (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:722
+#: sssd.conf.5.xml:753
msgid ""
"Some of the additional NSS responder requests can return more attributes "
"than just the POSIX ones defined by the NSS interface. The list of "
@@ -1113,24 +1176,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:735
+#: sssd.conf.5.xml:766
msgid ""
"To make configuration more easy the NSS responder will check the InfoPipe "
"option if it is not set for the NSS responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:740
+#: sssd.conf.5.xml:771
msgid "Default: not set, fallback to InfoPipe option"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:747
+#: sssd.conf.5.xml:778
msgid "PAM configuration options"
msgstr "Opcions de configuració de PAM"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:749
+#: sssd.conf.5.xml:780
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
@@ -1139,12 +1202,12 @@ msgstr ""
"Authentication Module (PAM)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:785
msgid "offline_credentials_expiration (integer)"
msgstr "offline_credentials_expiration (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:757
+#: sssd.conf.5.xml:788
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
@@ -1154,17 +1217,17 @@ msgstr ""
"de sessió)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:762 sssd.conf.5.xml:775
+#: sssd.conf.5.xml:793 sssd.conf.5.xml:806
msgid "Default: 0 (No limit)"
msgstr "Per defecte: 0 (sense límit)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:768
+#: sssd.conf.5.xml:799
msgid "offline_failed_login_attempts (integer)"
msgstr "offline_failed_login_attempts (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:771
+#: sssd.conf.5.xml:802
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
@@ -1173,12 +1236,12 @@ msgstr ""
"fallits es permet."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:781
+#: sssd.conf.5.xml:812
msgid "offline_failed_login_delay (integer)"
msgstr "offline_failed_login_delay (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:784
+#: sssd.conf.5.xml:815
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
@@ -1188,7 +1251,7 @@ msgstr ""
"possible."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:789
+#: sssd.conf.5.xml:820
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -1196,17 +1259,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:795 sssd.conf.5.xml:848
+#: sssd.conf.5.xml:826 sssd.conf.5.xml:879
msgid "Default: 5"
msgstr "Per defecte: 5"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:832
msgid "pam_verbosity (integer)"
msgstr "pam_verbosity (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:835
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
@@ -1215,43 +1278,43 @@ msgstr ""
"autenticació. Com més gran sigui el nombre més missatges es mostren."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:809
+#: sssd.conf.5.xml:840
msgid "Currently sssd supports the following values:"
msgstr "L'Sssd suporta actualment els següents valors:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:843
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr "<emphasis>0</emphasis>: no mostris cap missatge"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:815
+#: sssd.conf.5.xml:846
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr "<emphasis>1</emphasis>: Mostra només missatges importants"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
+#: sssd.conf.5.xml:850
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr "<emphasis>2</emphasis>: Mostra missatges informatius"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:822
+#: sssd.conf.5.xml:853
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
"<emphasis>3</emphasis>: Mostra tots els missatges i informació de depuració"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:826 sssd.8.xml:63
+#: sssd.conf.5.xml:857 sssd.8.xml:63
msgid "Default: 1"
msgstr "Per defecte: 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:831
+#: sssd.conf.5.xml:862
msgid "pam_id_timeout (integer)"
msgstr "pam_id_timeout (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:865
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1263,7 +1326,7 @@ msgstr ""
"l'última informació."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:840
+#: sssd.conf.5.xml:871
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1277,17 +1340,17 @@ msgstr ""
"proveïdor d'identitat."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:854
+#: sssd.conf.5.xml:885
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:857 sssd.conf.5.xml:1390
+#: sssd.conf.5.xml:888 sssd.conf.5.xml:1442
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:860
+#: sssd.conf.5.xml:891
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1295,31 +1358,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:866 sssd.conf.5.xml:1393
+#: sssd.conf.5.xml:897 sssd.conf.5.xml:1445
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:871
+#: sssd.conf.5.xml:902
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876 sssd.8.xml:79
+#: sssd.conf.5.xml:907 sssd.8.xml:79
msgid "Default: 0"
msgstr "Per defecte: 0"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:893
+#: sssd.conf.5.xml:924
msgid "pam_trusted_users (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:896
+#: sssd.conf.5.xml:927
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAM responder. User names are resolved to UIDs at "
@@ -1327,59 +1390,77 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:902
+#: sssd.conf.5.xml:933
msgid "Default: all (All users are allowed to access the PAM responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:906
+#: sssd.conf.5.xml:937
msgid ""
"Please note that UID 0 is always allowed to access the PAM responder even in "
"case it is not in the pam_trusted_users list."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:913
+#: sssd.conf.5.xml:944
msgid "pam_public_domains (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:947
msgid ""
"Specifies the comma-separated list of domain names that are accessible even "
"to untrusted users."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:920
+#: sssd.conf.5.xml:951
msgid "Two special values for pam_public_domains option are defined:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:955
msgid ""
"all (Untrusted users are allowed to access all domains in PAM responder.)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:959
msgid ""
"none (Untrusted users are not allowed to access any domains PAM in "
"responder.)"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:932 sssd.conf.5.xml:1192 sssd-ldap.5.xml:1753
-msgid "Default: none"
-msgstr "Per defecte: none"
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:968
+#, fuzzy
+#| msgid "ldap_account_expire_policy (string)"
+msgid "pam_account_expired_message (string)"
+msgstr "ldap_account_expire_policy (cadena)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:971
+msgid ""
+"If user is authenticating using SSH keys and account is expired then by "
+"default 'Permission denied' is output. This output will be changed to "
+"content of this variable if it is set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:980
+#, no-wrap
+msgid ""
+"pam_account_expired_message = Account expired, please call help desk.\n"
+" "
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:941
+#: sssd.conf.5.xml:993
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:943
+#: sssd.conf.5.xml:995
msgid ""
"These options can be used to configure the sudo service. The detailed "
"instructions for configuration of <citerefentry> <refentrytitle>sudo</"
@@ -1390,34 +1471,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:1012
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:1015
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1028
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:978
+#: sssd.conf.5.xml:1030
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1034
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:985
+#: sssd.conf.5.xml:1037
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1425,51 +1506,51 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1001
+#: sssd.conf.5.xml:1053
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1003
+#: sssd.conf.5.xml:1055
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1007
+#: sssd.conf.5.xml:1059
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1010
+#: sssd.conf.5.xml:1062
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1019
+#: sssd.conf.5.xml:1071
msgid "ssh_known_hosts_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1022
+#: sssd.conf.5.xml:1074
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1026
+#: sssd.conf.5.xml:1078
msgid "Default: 180"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1086
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1036
+#: sssd.conf.5.xml:1088
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1481,7 +1562,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1045
+#: sssd.conf.5.xml:1097
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"determined with the help of the SID, trusted domains will have UPGs and the "
@@ -1492,24 +1573,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1053
+#: sssd.conf.5.xml:1105
msgid ""
"If there are SIDs of groups from domains sssd knows about, the user will be "
"added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1111
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1063 sssd-ifp.5.xml:50
+#: sssd.conf.5.xml:1115 sssd-ifp.5.xml:50
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1066
+#: sssd.conf.5.xml:1118
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1517,12 +1598,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1072
+#: sssd.conf.5.xml:1124
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1076
+#: sssd.conf.5.xml:1128
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1531,17 +1612,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1142
msgid "DOMAIN SECTIONS"
msgstr "SECCIONS DE DOMINI"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1149
msgid "min_id,max_id (integer)"
msgstr "min_id, max_id (Enter)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1100
+#: sssd.conf.5.xml:1152
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
@@ -1550,7 +1631,7 @@ msgstr ""
"fora d'aquests límits, s'ignora."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:1157
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1563,24 +1644,24 @@ msgstr ""
"com s'esperava."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1112
+#: sssd.conf.5.xml:1164
msgid ""
"These ID limits affect even saving entries to cache, not only returning them "
"by name or ID."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1116
+#: sssd.conf.5.xml:1168
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr "Per defecte: 1 per a min_id, 0 (sense límit) per a max_id"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1122
+#: sssd.conf.5.xml:1174
msgid "enumerate (bool)"
msgstr "enumerate (booleà)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1125
+#: sssd.conf.5.xml:1177
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
@@ -1589,23 +1670,23 @@ msgstr ""
"valors següents:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1181
msgid "TRUE = Users and groups are enumerated"
msgstr "TRUE = Els usuaris i grups s'enumeren"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1132
+#: sssd.conf.5.xml:1184
msgid "FALSE = No enumerations for this domain"
msgstr "FALSE = Cap enumeració per a aquest domini"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1135 sssd.conf.5.xml:1367 sssd.conf.5.xml:1476
-#: sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1187 sssd.conf.5.xml:1419 sssd.conf.5.xml:1528
+#: sssd.conf.5.xml:1545
msgid "Default: FALSE"
msgstr "Per defecte: FALSE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138
+#: sssd.conf.5.xml:1190
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1617,7 +1698,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1151
+#: sssd.conf.5.xml:1203
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
@@ -1627,7 +1708,7 @@ msgstr ""
"finalitzi."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1156
+#: sssd.conf.5.xml:1208
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1641,39 +1722,39 @@ msgstr ""
"ús."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1164
+#: sssd.conf.5.xml:1216
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1172
+#: sssd.conf.5.xml:1224
msgid "subdomain_enumerate (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1179
+#: sssd.conf.5.xml:1231
msgid "all"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1180
+#: sssd.conf.5.xml:1232
msgid "All discovered trusted domains will be enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1183
+#: sssd.conf.5.xml:1235
msgid "none"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:1236
msgid "No discovered trusted domains will be enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1175
+#: sssd.conf.5.xml:1227
msgid ""
"Whether any of autodetected trusted domains should be enumerated. The "
"supported values are: <placeholder type=\"variablelist\" id=\"0\"/> "
@@ -1682,12 +1763,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1215
+#: sssd.conf.5.xml:1267
msgid "entry_cache_timeout (integer)"
msgstr "entry_cache_timeout (Enter)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1218
+#: sssd.conf.5.xml:1270
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
@@ -1696,7 +1777,7 @@ msgstr ""
"demanar al rerefons una altra vegada"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1222
+#: sssd.conf.5.xml:1274
msgid ""
"The cache expiration timestamps are stored as attributes of individual "
"objects in the cache. Therefore, changing the cache timeout only has effect "
@@ -1707,152 +1788,153 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1235
+#: sssd.conf.5.xml:1287
msgid "Default: 5400"
msgstr "Per defecte: 5400"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1241
+#: sssd.conf.5.xml:1293
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1244
+#: sssd.conf.5.xml:1296
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248 sssd.conf.5.xml:1261 sssd.conf.5.xml:1274
-#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1300 sssd.conf.5.xml:1314
-#: sssd.conf.5.xml:1328
+#: sssd.conf.5.xml:1300 sssd.conf.5.xml:1313 sssd.conf.5.xml:1326
+#: sssd.conf.5.xml:1339 sssd.conf.5.xml:1352 sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1380
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1306
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1257
+#: sssd.conf.5.xml:1309
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1267
+#: sssd.conf.5.xml:1319
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1270
+#: sssd.conf.5.xml:1322
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1280
+#: sssd.conf.5.xml:1332
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1335
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1345
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1348
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1358
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1309
+#: sssd.conf.5.xml:1361
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1320
+#: sssd.conf.5.xml:1372
msgid "entry_cache_ssh_host_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1375
msgid ""
"How many seconds to keep a host ssh key after refresh. IE how long to cache "
"the host key for."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1334
+#: sssd.conf.5.xml:1386
msgid "refresh_expired_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1337
+#: sssd.conf.5.xml:1389
msgid ""
"Specifies how many seconds SSSD has to wait before triggering a background "
"refresh task which will refresh all expired or nearly expired records."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1342
-msgid "Currently only refreshing expired netgroups is supported."
+#: sssd.conf.5.xml:1394
+msgid ""
+"The background refresh will process users, groups and netgroups in the cache."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1398
msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350 sssd-ipa.5.xml:224
+#: sssd.conf.5.xml:1402 sssd-ipa.5.xml:224
msgid "Default: 0 (disabled)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1356
+#: sssd.conf.5.xml:1408
msgid "cache_credentials (bool)"
msgstr "cache_credentials (bool)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1411
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
"Determina si les credencials d'usuari també són emmagatzemades en la memòria "
"cau local de LDB"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1363
+#: sssd.conf.5.xml:1415
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1372
+#: sssd.conf.5.xml:1424
msgid "account_cache_expiration (integer)"
msgstr "account_cache_expiration (Enter)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1427
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1865,17 +1947,17 @@ msgstr ""
"ha de ser superior o igual a offline_credentials_expiration."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1382
+#: sssd.conf.5.xml:1434
msgid "Default: 0 (unlimited)"
msgstr "Per defecte: 0 (sense límit)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1387
+#: sssd.conf.5.xml:1439
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1398
+#: sssd.conf.5.xml:1450
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1884,33 +1966,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1405
+#: sssd.conf.5.xml:1457
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1411
+#: sssd.conf.5.xml:1463
msgid "id_provider (string)"
msgstr "id_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1414
+#: sssd.conf.5.xml:1466
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1418
+#: sssd.conf.5.xml:1470
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1421 sssd.conf.5.xml:1539
+#: sssd.conf.5.xml:1473 sssd.conf.5.xml:1591
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1425
+#: sssd.conf.5.xml:1477
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1918,8 +2000,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433 sssd.conf.5.xml:1519 sssd.conf.5.xml:1574
-#: sssd.conf.5.xml:1627
+#: sssd.conf.5.xml:1485 sssd.conf.5.xml:1571 sssd.conf.5.xml:1626
+#: sssd.conf.5.xml:1679
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1928,8 +2010,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1442 sssd.conf.5.xml:1528 sssd.conf.5.xml:1583
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1494 sssd.conf.5.xml:1580 sssd.conf.5.xml:1635
+#: sssd.conf.5.xml:1688
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1937,19 +2019,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1505
msgid "use_fully_qualified_names (bool)"
msgstr "use_fully_qualified_names (booleà)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1508
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1461
+#: sssd.conf.5.xml:1513
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1962,7 +2044,7 @@ msgstr ""
"trobaria l'usuari mentre que <command>getent passwd test@LOCAL</command> si."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1521
msgid ""
"NOTE: This option has no effect on netgroup lookups due to their tendency to "
"include nested netgroups without qualified names. For netgroups, all domains "
@@ -1970,17 +2052,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1533
msgid "ignore_group_members (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1536
msgid "Do not return group members for group lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1487
+#: sssd.conf.5.xml:1539
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1988,12 +2070,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1550
msgid "auth_provider (string)"
msgstr "auth_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1501
+#: sssd.conf.5.xml:1553
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
@@ -2002,7 +2084,7 @@ msgstr ""
"d'autenticació suportats són:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505 sssd.conf.5.xml:1567
+#: sssd.conf.5.xml:1557 sssd.conf.5.xml:1619
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2013,7 +2095,7 @@ msgstr ""
"manvolnum></citerefentry> per a més informació sobre configuració d'LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1512
+#: sssd.conf.5.xml:1564
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2024,7 +2106,7 @@ msgstr ""
"manvolnum></citerefentry> per a més informació sobre configurar Kerberos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1588
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
@@ -2032,12 +2114,12 @@ msgstr ""
"de PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1595
msgid "<quote>none</quote> disables authentication explicitly."
msgstr "<quote>none</quote> impossibilita l'autenticació explícitament."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1546
+#: sssd.conf.5.xml:1598
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
@@ -2046,12 +2128,12 @@ msgstr ""
"gestionar les sol·licituds d'autenticació."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1604
msgid "access_provider (string)"
msgstr "access_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1607
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -2062,19 +2144,19 @@ msgstr ""
"instal·lats) Els proveïdors especials interns són:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1613
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1616
msgid "<quote>deny</quote> always deny access."
msgstr "<quote>deny</quote> sempre denega l'accés."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1591
+#: sssd.conf.5.xml:1643
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -2087,17 +2169,17 @@ msgstr ""
"configuració del mòdul d'accés simple."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1650
msgid "Default: <quote>permit</quote>"
msgstr "Per defecte: <quote>permit</quote>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1603
+#: sssd.conf.5.xml:1655
msgid "chpass_provider (string)"
msgstr "chpass_provider (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1606
+#: sssd.conf.5.xml:1658
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
@@ -2106,7 +2188,7 @@ msgstr ""
"al domini. Els proveïdors de canvi de contrasenya compatibles són:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1611
+#: sssd.conf.5.xml:1663
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -2118,7 +2200,7 @@ msgstr ""
"configuració d'LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1671
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2129,7 +2211,7 @@ msgstr ""
"manvolnum></citerefentry> per a més informació sobre configurar Kerberos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1696
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
@@ -2137,12 +2219,12 @@ msgstr ""
"objectiu de PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1700
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr "<quote>none</quote> rebutja els canvis de contrasenya explícitament."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1651
+#: sssd.conf.5.xml:1703
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
@@ -2151,17 +2233,17 @@ msgstr ""
"gestionar peticions de canvi de contrasenya."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1710
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1661
+#: sssd.conf.5.xml:1713
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1665
+#: sssd.conf.5.xml:1717
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2169,32 +2251,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1725
msgid ""
"<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default "
"settings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1729
msgid ""
"<quote>ad</quote> the same as <quote>ldap</quote> but with AD default "
"settings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1681
+#: sssd.conf.5.xml:1733
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1684 sssd.conf.5.xml:1762 sssd.conf.5.xml:1794
-#: sssd.conf.5.xml:1819
+#: sssd.conf.5.xml:1736 sssd.conf.5.xml:1814 sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1871
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1688
+#: sssd.conf.5.xml:1740
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -2205,12 +2287,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1757
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1760
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -2218,7 +2300,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1714
+#: sssd.conf.5.xml:1766
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2226,31 +2308,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1722
+#: sssd.conf.5.xml:1774
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1725
+#: sssd.conf.5.xml:1777
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1731
+#: sssd.conf.5.xml:1783
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1734
+#: sssd.conf.5.xml:1786
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740
+#: sssd.conf.5.xml:1792
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2258,7 +2340,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1749
+#: sssd.conf.5.xml:1801
msgid ""
"<quote>ad</quote> to load a list of subdomains from an Active Directory "
"server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> "
@@ -2267,23 +2349,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1810
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1769
+#: sssd.conf.5.xml:1821
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1772
+#: sssd.conf.5.xml:1824
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1828
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2291,7 +2373,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1783
+#: sssd.conf.5.xml:1835
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2299,24 +2381,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1843
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1853
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1804
+#: sssd.conf.5.xml:1856
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1808
+#: sssd.conf.5.xml:1860
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2324,12 +2406,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1816
+#: sssd.conf.5.xml:1868
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1829
+#: sssd.conf.5.xml:1881
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components. The \"domain\" can "
@@ -2339,7 +2421,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1838
+#: sssd.conf.5.xml:1890
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -2348,29 +2430,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1843
+#: sssd.conf.5.xml:1895
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1898
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1849
+#: sssd.conf.5.xml:1901
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1852
+#: sssd.conf.5.xml:1904
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1857
+#: sssd.conf.5.xml:1909
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -2381,7 +2463,7 @@ msgstr ""
"quote> , el domini tot el que ve després\""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1863
+#: sssd.conf.5.xml:1915
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -2389,7 +2471,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1870
+#: sssd.conf.5.xml:1922
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
@@ -2398,17 +2480,17 @@ msgstr ""
"sintaxi Python (?P &lt;name&gt;) a l'etiqueta subpatterns."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1917
+#: sssd.conf.5.xml:1969
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "Per defecte: <quote>%1$s@%2$s</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1923
+#: sssd.conf.5.xml:1975
msgid "lookup_family_order (string)"
msgstr "lookup_family_order (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1926
+#: sssd.conf.5.xml:1978
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
@@ -2417,42 +2499,42 @@ msgstr ""
"realitzar cerques de DNS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1930
+#: sssd.conf.5.xml:1982
msgid "Supported values:"
msgstr "Valors admesos:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1933
+#: sssd.conf.5.xml:1985
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr "ipv4_first: Intenta resoldre l'adreça IPv4, si falla, intenta IPv6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1936
+#: sssd.conf.5.xml:1988
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr "ipv4_only: Intenta resoldre només noms màquina a adreces IPv4."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1939
+#: sssd.conf.5.xml:1991
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr "ipv6_first: Intenta resoldre l'adreça IPv6, si falla, intenta IPv4"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1942
+#: sssd.conf.5.xml:1994
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr "ipv6_only: Intenta resoldre només noms màquina a adreces IPv6."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1945
+#: sssd.conf.5.xml:1997
msgid "Default: ipv4_first"
msgstr "Per defecte: ipv4_first"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1951
+#: sssd.conf.5.xml:2003
msgid "dns_resolver_timeout (integer)"
msgstr "dns_resolver_timeout (enter)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1954
+#: sssd.conf.5.xml:2006
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -2463,18 +2545,18 @@ msgstr ""
"aquest temps d'espera, el domini seguirà operant en el mode fora de línia."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1960 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
-#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:239
+#: sssd.conf.5.xml:2012 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
+#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:248
msgid "Default: 6"
msgstr "Per defecte: 6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1966
+#: sssd.conf.5.xml:2018
msgid "dns_discovery_domain (string)"
msgstr "dns_discovery_domain (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1969
+#: sssd.conf.5.xml:2021
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
@@ -2483,52 +2565,52 @@ msgstr ""
"del domini de la consulta DNS del servei de descobriment."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1973
+#: sssd.conf.5.xml:2025
msgid "Default: Use the domain part of machine's hostname"
msgstr "Per defecte: Utilitza la part del domini del nom de màquina"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1979
+#: sssd.conf.5.xml:2031
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1982
+#: sssd.conf.5.xml:2034
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1988
+#: sssd.conf.5.xml:2040
msgid "case_sensitive (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1996
+#: sssd.conf.5.xml:2048
msgid "True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1999
+#: sssd.conf.5.xml:2051
msgid "Case sensitive. This value is invalid for AD provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2005
+#: sssd.conf.5.xml:2057
msgid "False"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2007
+#: sssd.conf.5.xml:2059
msgid "Case insensitive."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2011
+#: sssd.conf.5.xml:2063
msgid "Preserving"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2014
+#: sssd.conf.5.xml:2066
msgid ""
"Same as False (case insensitive), but does not lowercase names in the result "
"of NSS operations. Note that name aliases (and in case of services also "
@@ -2536,7 +2618,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1991
+#: sssd.conf.5.xml:2043
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider. Possible option values are: "
@@ -2544,17 +2626,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2026
+#: sssd.conf.5.xml:2078
msgid "Default: True (False for AD provider)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2032
+#: sssd.conf.5.xml:2084
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2035
+#: sssd.conf.5.xml:2087
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2563,22 +2645,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2049
+#: sssd.conf.5.xml:2101
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2060
+#: sssd.conf.5.xml:2112
msgid "%F"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2061
+#: sssd.conf.5.xml:2113
msgid "flat (NetBIOS) name of a subdomain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2052
+#: sssd.conf.5.xml:2104
msgid ""
"Use this homedir as default value for all subdomains within this domain in "
"IPA AD trust. See <emphasis>override_homedir</emphasis> for info about "
@@ -2588,29 +2670,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2066
+#: sssd.conf.5.xml:2118
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2070
+#: sssd.conf.5.xml:2122
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2075
+#: sssd.conf.5.xml:2127
msgid "realmd_tags (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2078
+#: sssd.conf.5.xml:2130
msgid ""
"Various tags stored by the realmd configuration service for this domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1092
+#: sssd.conf.5.xml:1144
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2621,17 +2703,17 @@ msgstr ""
"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2091
+#: sssd.conf.5.xml:2143
msgid "proxy_pam_target (string)"
msgstr "proxy_pam_target (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2094
+#: sssd.conf.5.xml:2146
msgid "The proxy target PAM proxies to."
msgstr "El servidor intermediari on re-envia PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2097
+#: sssd.conf.5.xml:2149
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
@@ -2640,12 +2722,12 @@ msgstr ""
"de pam existent o crear-ne una de nova i afegir aquí el nom del servei."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2105
+#: sssd.conf.5.xml:2157
msgid "proxy_lib_name (string)"
msgstr "proxy_lib_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2108
+#: sssd.conf.5.xml:2160
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2656,7 +2738,7 @@ msgstr ""
"$(libName)_$(function), per exemple _nss_files_getpwent."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2087
+#: sssd.conf.5.xml:2139
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
@@ -2665,12 +2747,12 @@ msgstr ""
"\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:2120
+#: sssd.conf.5.xml:2172
msgid "The local domain section"
msgstr "La secció de domini local"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:2122
+#: sssd.conf.5.xml:2174
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2681,29 +2763,29 @@ msgstr ""
"<replaceable>id_provider = local</replaceable>."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2129
+#: sssd.conf.5.xml:2181
msgid "default_shell (string)"
msgstr "default_shell (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2132
+#: sssd.conf.5.xml:2184
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
"L'intèrpret d'ordres per defecte per als usuaris creats amb eines SSSD "
"d'espai d'usuari."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2136
+#: sssd.conf.5.xml:2188
msgid "Default: <filename>/bin/bash</filename>"
msgstr "Per defecte: <filename>/bin/bash</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2141
+#: sssd.conf.5.xml:2193
msgid "base_directory (string)"
msgstr "base_directory (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2144
+#: sssd.conf.5.xml:2196
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
@@ -2712,46 +2794,46 @@ msgstr ""
"replaceable> i utilitzen això com el directori d'usuari."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2149
+#: sssd.conf.5.xml:2201
msgid "Default: <filename>/home</filename>"
msgstr "Per defecte: <filename>/home</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2154
+#: sssd.conf.5.xml:2206
msgid "create_homedir (bool)"
msgstr "create_homedir (booleà)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2157
+#: sssd.conf.5.xml:2209
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2173
+#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2225
msgid "Default: TRUE"
msgstr "Per defecte: TRUE"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2166
+#: sssd.conf.5.xml:2218
msgid "remove_homedir (bool)"
msgstr "remove_homedir (booleà)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2169
+#: sssd.conf.5.xml:2221
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2178
+#: sssd.conf.5.xml:2230
msgid "homedir_umask (integer)"
msgstr "homedir_umask (enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2181
+#: sssd.conf.5.xml:2233
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2762,17 +2844,17 @@ msgstr ""
"defecte en un directori personal acabat de crear."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2189
+#: sssd.conf.5.xml:2241
msgid "Default: 077"
msgstr "Per defecte: 077"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2194
+#: sssd.conf.5.xml:2246
msgid "skel_dir (string)"
msgstr "skel_dir (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2197
+#: sssd.conf.5.xml:2249
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2785,17 +2867,17 @@ msgstr ""
"manvolnum></citerefentry>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2207
+#: sssd.conf.5.xml:2259
msgid "Default: <filename>/etc/skel</filename>"
msgstr "Per defecte: <filename>/etc/skel</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2212
+#: sssd.conf.5.xml:2264
msgid "mail_dir (string)"
msgstr "mail_dir (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2215
+#: sssd.conf.5.xml:2267
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2806,17 +2888,17 @@ msgstr ""
"s'especifica, s'utilitzarà un valor per defecte."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2222
+#: sssd.conf.5.xml:2274
msgid "Default: <filename>/var/mail</filename>"
msgstr "Per defecte: <filename>/var/correu</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2227
+#: sssd.conf.5.xml:2279
msgid "userdel_cmd (string)"
msgstr "userdel_cmd (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2230
+#: sssd.conf.5.xml:2282
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2827,19 +2909,19 @@ msgstr ""
"té en compte."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2236
+#: sssd.conf.5.xml:2288
msgid "Default: None, no command is run"
msgstr "Per defecte: Cap, no s'executa cap comanda"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:2246 sssd-ldap.5.xml:2518 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:519
+#: sssd.conf.5.xml:2298 sssd-ldap.5.xml:2569 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:564
#: sss_rpcidmapd.5.xml:98
msgid "EXAMPLE"
msgstr "EXEMPLE"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:2252
+#: sssd.conf.5.xml:2304
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2894,7 +2976,7 @@ msgstr ""
"\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2248
+#: sssd.conf.5.xml:2300
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -3806,7 +3888,7 @@ msgstr "L'atribut LDAP que correspon al nom complet de l'usuari."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:738 sssd-ldap.5.xml:831 sssd-ldap.5.xml:1058
-#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2102 sssd-ldap.5.xml:2441
+#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2153 sssd-ldap.5.xml:2492
#: sssd-ipa.5.xml:591
msgid "Default: cn"
msgstr "Per defecte: cn"
@@ -4099,11 +4181,6 @@ msgid ""
"dealing with complex or deep nested groups)."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1017
-msgid "ldap_use_tokengroups"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1020
msgid ""
@@ -4348,7 +4425,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2259
+#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2310
msgid "Default: 900 (15 minutes)"
msgstr ""
@@ -4841,7 +4918,7 @@ msgstr ""
"krb5.conf</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:453
+#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:462
msgid "krb5_canonicalize (boolean)"
msgstr ""
@@ -4853,12 +4930,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:468
+#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:477
msgid "krb5_use_kdcinfo (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:471
+#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:480
msgid ""
"Specifies if the SSSD should instruct the Kerberos libraries what realm and "
"which KDCs to use. This option is on by default, if you disable it, you need "
@@ -4868,7 +4945,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:482
+#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:491
msgid ""
"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
@@ -5166,11 +5243,64 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1958
+msgid ""
+"<emphasis> Please note that this option is superseded by the <quote>ppolicy</"
+"quote> option and might be removed in a future release. </emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1965
+msgid ""
+"<emphasis>ppolicy</emphasis>: use account locking. If set, this option "
+"denies access in case that ldap attribute 'pwdAccountLockedTime' is present "
+"and has value of '000001010000Z' or represents any time in the past. The "
+"value of the 'pwdAccountLockedTime' attribute must end with 'Z', which "
+"denotes the UTC time zone. Other time zones are not currently supported and "
+"will result in \"access-denied\" when users attempt to log in. Please see "
+"the option ldap_pwdlockout_dn. Please note that 'access_provider = ldap' "
+"must be set for this feature to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1982
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr "<emphasis>expire</emphasis>: utilitza ldap_account_expire_policy"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1962
+#: sssd-ldap.5.xml:1986
+msgid ""
+"<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, "
+"pwd_expire_policy_renew: </emphasis> These options are useful if users are "
+"interested in being warned that password is about to expire and "
+"authentication is based on using a different method than passwords - for "
+"example SSH keys."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1996
+msgid ""
+"The difference between these options is the action taken if user password is "
+"expired: pwd_expire_policy_reject - user is denied to log in, "
+"pwd_expire_policy_warn - user is still able to log in, "
+"pwd_expire_policy_renew - user is prompted to change his password "
+"immediately."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2004
+msgid ""
+"Note If user password is expired no explicit message is prompted by SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2008
+msgid ""
+"Please note that 'access_provider = ldap' must be set for this feature to "
+"work. Also 'ldap_pwd_policy' must be set to an appropriate password policy."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2013
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
@@ -5179,17 +5309,17 @@ msgstr ""
"authorizedService per determinar l'accés"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2018
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1971
+#: sssd-ldap.5.xml:2022
msgid "Default: filter"
msgstr "Per defecte: filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1974
+#: sssd-ldap.5.xml:2025
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
@@ -5198,12 +5328,12 @@ msgstr ""
"s'utilitza més d'una vegada."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1981
+#: sssd-ldap.5.xml:2032
msgid "ldap_pwdlockout_dn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2035
msgid ""
"This option specifies the DN of password policy entry on LDAP server. Please "
"note that absence of this option in sssd.conf in case of enabled account "
@@ -5212,22 +5342,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1992
+#: sssd-ldap.5.xml:2043
msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1995
+#: sssd-ldap.5.xml:2046
msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2001
+#: sssd-ldap.5.xml:2052
msgid "ldap_deref (string)"
msgstr "ldap_deref (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2004
+#: sssd-ldap.5.xml:2055
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
@@ -5236,13 +5366,13 @@ msgstr ""
"cerca. S'admeten les opcions següents:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2009
+#: sssd-ldap.5.xml:2060
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
"<emphasis>never</emphasis>: les referències dels àlies mai són eliminades."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013
+#: sssd-ldap.5.xml:2064
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
@@ -5252,7 +5382,7 @@ msgstr ""
"de la cerca."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018
+#: sssd-ldap.5.xml:2069
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
@@ -5261,7 +5391,7 @@ msgstr ""
"només en localitzar l'objecte base de la cerca."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2023
+#: sssd-ldap.5.xml:2074
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
@@ -5270,7 +5400,7 @@ msgstr ""
"en la recerca i en la localització de l'objecte base de la cerca."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2028
+#: sssd-ldap.5.xml:2079
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
@@ -5279,19 +5409,19 @@ msgstr ""
"llibreries client d'LDAP)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2036
+#: sssd-ldap.5.xml:2087
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2039
+#: sssd-ldap.5.xml:2090
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2094
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -5302,7 +5432,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2054
+#: sssd-ldap.5.xml:2105
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -5326,12 +5456,12 @@ msgstr ""
"\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2070
+#: sssd-ldap.5.xml:2121
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2123
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -5339,208 +5469,208 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2083
+#: sssd-ldap.5.xml:2134
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2086
+#: sssd-ldap.5.xml:2137
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2089
+#: sssd-ldap.5.xml:2140
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2095
+#: sssd-ldap.5.xml:2146
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2098
+#: sssd-ldap.5.xml:2149
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2108
+#: sssd-ldap.5.xml:2159
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2111
+#: sssd-ldap.5.xml:2162
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2166
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2172
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2124
+#: sssd-ldap.5.xml:2175
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2129
+#: sssd-ldap.5.xml:2180
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2186
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2138
+#: sssd-ldap.5.xml:2189
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2193
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2148
+#: sssd-ldap.5.xml:2199
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2202
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2155
+#: sssd-ldap.5.xml:2206
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2161
+#: sssd-ldap.5.xml:2212
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2215
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2168
+#: sssd-ldap.5.xml:2219
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2174
+#: sssd-ldap.5.xml:2225
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2228
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2181
+#: sssd-ldap.5.xml:2232
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2187
+#: sssd-ldap.5.xml:2238
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2241
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194
+#: sssd-ldap.5.xml:2245
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2200
+#: sssd-ldap.5.xml:2251
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2203
+#: sssd-ldap.5.xml:2254
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2259
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2214
+#: sssd-ldap.5.xml:2265
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2217
+#: sssd-ldap.5.xml:2268
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2221
+#: sssd-ldap.5.xml:2272
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2227
+#: sssd-ldap.5.xml:2278
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2230
+#: sssd-ldap.5.xml:2281
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2235
+#: sssd-ldap.5.xml:2286
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2240
+#: sssd-ldap.5.xml:2291
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2246
+#: sssd-ldap.5.xml:2297
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2249
+#: sssd-ldap.5.xml:2300
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -5548,101 +5678,101 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2255
+#: sssd-ldap.5.xml:2306
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2265
+#: sssd-ldap.5.xml:2316
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2268
+#: sssd-ldap.5.xml:2319
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2279
+#: sssd-ldap.5.xml:2330
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2333
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2287
+#: sssd-ldap.5.xml:2338
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2292 sssd-ldap.5.xml:2315 sssd-ldap.5.xml:2333
-#: sssd-ldap.5.xml:2351
+#: sssd-ldap.5.xml:2343 sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2402
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2320
+#: sssd-ldap.5.xml:2348 sssd-ldap.5.xml:2371
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2303
+#: sssd-ldap.5.xml:2354
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2306
+#: sssd-ldap.5.xml:2357
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2311
+#: sssd-ldap.5.xml:2362
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2326
+#: sssd-ldap.5.xml:2377
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2329
+#: sssd-ldap.5.xml:2380
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2344
+#: sssd-ldap.5.xml:2395
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2347
+#: sssd-ldap.5.xml:2398
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2363
+#: sssd-ldap.5.xml:2414
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -5651,91 +5781,91 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2373
+#: sssd-ldap.5.xml:2424
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2375
+#: sssd-ldap.5.xml:2426
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2381
+#: sssd-ldap.5.xml:2432
msgid "ldap_autofs_map_master_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2435
msgid "The name of the automount master map in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2387
+#: sssd-ldap.5.xml:2438
msgid "Default: auto.master"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2394
+#: sssd-ldap.5.xml:2445
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2397 sssd-ldap.5.xml:2423
+#: sssd-ldap.5.xml:2448 sssd-ldap.5.xml:2474
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2400 sssd-ldap.5.xml:2427
+#: sssd-ldap.5.xml:2451 sssd-ldap.5.xml:2478
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2407
+#: sssd-ldap.5.xml:2458
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2410
+#: sssd-ldap.5.xml:2461
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2413
+#: sssd-ldap.5.xml:2464
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2420
+#: sssd-ldap.5.xml:2471
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2434
+#: sssd-ldap.5.xml:2485
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2437 sssd-ldap.5.xml:2451
+#: sssd-ldap.5.xml:2488 sssd-ldap.5.xml:2502
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2448
+#: sssd-ldap.5.xml:2499
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2455
+#: sssd-ldap.5.xml:2506
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2379
+#: sssd-ldap.5.xml:2430
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -5744,32 +5874,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2465
+#: sssd-ldap.5.xml:2516
msgid "ADVANCED OPTIONS"
msgstr "OPCIONS AVANÇADES"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2472
+#: sssd-ldap.5.xml:2523
msgid "ldap_netgroup_search_base (string)"
msgstr "ldap_netgroup_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2477
+#: sssd-ldap.5.xml:2528
msgid "ldap_user_search_base (string)"
msgstr "ldap_user_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2482
+#: sssd-ldap.5.xml:2533
msgid "ldap_group_search_base (string)"
msgstr "ldap_group_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note>
-#: sssd-ldap.5.xml:2487
+#: sssd-ldap.5.xml:2538
msgid "<note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para>
-#: sssd-ldap.5.xml:2489
+#: sssd-ldap.5.xml:2540
msgid ""
"If the option <quote>ldap_use_tokengroups</quote> is enabled. The searches "
"against Active Directory will not be restricted and return all groups "
@@ -5778,22 +5908,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist>
-#: sssd-ldap.5.xml:2496
+#: sssd-ldap.5.xml:2547
msgid "</note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2498
+#: sssd-ldap.5.xml:2549
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2503
+#: sssd-ldap.5.xml:2554
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2467
+#: sssd-ldap.5.xml:2518
#, fuzzy
#| msgid ""
#| "These options are supported by LDAP domains, but they should be used with "
@@ -5810,7 +5940,7 @@ msgstr ""
"sabeu el que estau fent. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2520
+#: sssd-ldap.5.xml:2571
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -5821,7 +5951,7 @@ msgstr ""
"replaceable>."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2526
+#: sssd-ldap.5.xml:2577
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5834,19 +5964,19 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2525 sssd-ldap.5.xml:2543 sssd-simple.5.xml:139
+#: sssd-ldap.5.xml:2576 sssd-ldap.5.xml:2594 sssd-simple.5.xml:139
#: sssd-ipa.5.xml:726 sssd-ad.5.xml:851 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98
-#: sssd-krb5.5.xml:528 include/ldap_id_mapping.xml:105
+#: sssd-krb5.5.xml:573 include/ldap_id_mapping.xml:105
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "<placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2537
+#: sssd-ldap.5.xml:2588
msgid "LDAP ACCESS FILTER EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2539
+#: sssd-ldap.5.xml:2590
#, fuzzy
#| msgid ""
#| "The following example assumes that SSSD is correctly configured and LDAP "
@@ -5861,7 +5991,7 @@ msgstr ""
"replaceable>."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2544
+#: sssd-ldap.5.xml:2595
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5877,13 +6007,13 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2559 sssd_krb5_locator_plugin.8.xml:61
+#: sssd-ldap.5.xml:2610 sssd_krb5_locator_plugin.8.xml:61
#: sssd-simple.5.xml:148 sssd-ad.5.xml:866 sssd.8.xml:195 sss_seed.8.xml:163
msgid "NOTES"
msgstr "NOTES"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2561
+#: sssd-ldap.5.xml:2612
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -6729,7 +6859,7 @@ msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:245
+#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:254
msgid "krb5_validate (boolean)"
msgstr "krb5_validate (booleà)"
@@ -6774,12 +6904,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:407
+#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:416
msgid "krb5_use_fast (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:410
+#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:419
msgid ""
"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
"authentication. The following options are supported:"
@@ -6799,7 +6929,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:424
+#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:433
msgid ""
"<emphasis>demand</emphasis> to use FAST. The authentication fails if the "
"server does not require fast."
@@ -6811,7 +6941,7 @@ msgid "Default: try"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:435
+#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:444
msgid ""
"NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If "
"SSSD is used with an older version of MIT Kerberos, using this option is a "
@@ -7907,12 +8037,12 @@ msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:797 sssd-krb5.5.xml:496
+#: sssd-ad.5.xml:797 sssd-krb5.5.xml:505
msgid "krb5_use_enterprise_principal (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:800 sssd-krb5.5.xml:499
+#: sssd-ad.5.xml:800 sssd-krb5.5.xml:508
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
@@ -8930,16 +9060,32 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:225
+#, fuzzy
+#| msgid ""
+#| "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
+#| "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
+#| "citerefentry> for more information on configuring Kerberos."
+msgid ""
+"NOTE: Please be aware that libkrb5 ccache expansion template from "
+"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> uses different expansion sequences than SSSD."
+msgstr ""
+"<quote>krb5</quote> per canviar la contrasenya Kerberos. Vegeu "
+"<citerefentry><refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry> per a més informació sobre configurar Kerberos."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:234
msgid "Default: (from libkrb5)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:231
+#: sssd-krb5.5.xml:240
msgid "krb5_auth_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:234
+#: sssd-krb5.5.xml:243
msgid ""
"Timeout in seconds after an online authentication request or change password "
"request is aborted. If possible, the authentication request is continued "
@@ -8947,7 +9093,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:248
+#: sssd-krb5.5.xml:257
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed. The keytab is checked for entries sequentially, and the first entry "
@@ -8958,36 +9104,36 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:263
+#: sssd-krb5.5.xml:272
msgid "krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:275
msgid ""
"The location of the keytab to use when validating credentials obtained from "
"KDCs."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:270
+#: sssd-krb5.5.xml:279
msgid "Default: /etc/krb5.keytab"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:276
+#: sssd-krb5.5.xml:285
msgid "krb5_store_password_if_offline (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:279
+#: sssd-krb5.5.xml:288
msgid ""
"Store the password of the user if the provider is offline and use it to "
"request a TGT when the provider comes online again."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:284
+#: sssd-krb5.5.xml:293
msgid ""
"NOTE: this feature is only available on Linux. Passwords stored in this way "
"are kept in plaintext in the kernel keyring and are potentially accessible "
@@ -8995,91 +9141,91 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:297
+#: sssd-krb5.5.xml:306
msgid "krb5_renewable_lifetime (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:300
+#: sssd-krb5.5.xml:309
msgid ""
"Request a renewable ticket with a total lifetime, given as an integer "
"immediately followed by a time unit:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:305 sssd-krb5.5.xml:339 sssd-krb5.5.xml:376
+#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
msgid "<emphasis>s</emphasis> for seconds"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:308 sssd-krb5.5.xml:342 sssd-krb5.5.xml:379
+#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:351 sssd-krb5.5.xml:388
msgid "<emphasis>m</emphasis> for minutes"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:311 sssd-krb5.5.xml:345 sssd-krb5.5.xml:382
+#: sssd-krb5.5.xml:320 sssd-krb5.5.xml:354 sssd-krb5.5.xml:391
msgid "<emphasis>h</emphasis> for hours"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
+#: sssd-krb5.5.xml:323 sssd-krb5.5.xml:357 sssd-krb5.5.xml:394
msgid "<emphasis>d</emphasis> for days."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:388
+#: sssd-krb5.5.xml:326 sssd-krb5.5.xml:397
msgid "If there is no unit given, <emphasis>s</emphasis> is assumed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:321 sssd-krb5.5.xml:392
+#: sssd-krb5.5.xml:330 sssd-krb5.5.xml:401
msgid ""
"NOTE: It is not possible to mix units. To set the renewable lifetime to one "
"and a half hours, use '90m' instead of '1h30m'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:326
+#: sssd-krb5.5.xml:335
msgid "Default: not set, i.e. the TGT is not renewable"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:332
+#: sssd-krb5.5.xml:341
msgid "krb5_lifetime (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:335
+#: sssd-krb5.5.xml:344
msgid ""
"Request ticket with a lifetime, given as an integer immediately followed by "
"a time unit:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:351
+#: sssd-krb5.5.xml:360
msgid "If there is no unit given <emphasis>s</emphasis> is assumed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:355
+#: sssd-krb5.5.xml:364
msgid ""
"NOTE: It is not possible to mix units. To set the lifetime to one and a "
"half hours please use '90m' instead of '1h30m'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:360
+#: sssd-krb5.5.xml:369
msgid ""
"Default: not set, i.e. the default ticket lifetime configured on the KDC."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:367
+#: sssd-krb5.5.xml:376
msgid "krb5_renew_interval (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:370
+#: sssd-krb5.5.xml:379
msgid ""
"The time in seconds between two checks if the TGT should be renewed. TGTs "
"are renewed if about half of their lifetime is exceeded, given as an integer "
@@ -9087,56 +9233,91 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:397
+#: sssd-krb5.5.xml:406
msgid "If this option is not set or is 0 the automatic renewal is disabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:415
+#: sssd-krb5.5.xml:424
msgid ""
"<emphasis>never</emphasis> use FAST. This is equivalent to not setting this "
"option at all."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:419
+#: sssd-krb5.5.xml:428
msgid ""
"<emphasis>try</emphasis> to use FAST. If the server does not support FAST, "
"continue the authentication without it."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:429
+#: sssd-krb5.5.xml:438
msgid "Default: not set, i.e. FAST is not used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:432
+#: sssd-krb5.5.xml:441
msgid "NOTE: a keytab is required to use FAST."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:444
+#: sssd-krb5.5.xml:453
msgid "krb5_fast_principal (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:447
+#: sssd-krb5.5.xml:456
msgid "Specifies the server principal to use for FAST."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:456
+#: sssd-krb5.5.xml:465
msgid ""
"Specifies if the host and user principal should be canonicalized. This "
"feature is available with MIT Kerberos 1.7 and later versions."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:505
+#: sssd-krb5.5.xml:514
msgid "Default: false (AD provider: true)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:520
+#, fuzzy
+#| msgid "krb5_realm (string)"
+msgid "krb5_map_user (string)"
+msgstr "krb5_realm (cadena)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:523
+msgid ""
+"The list of mappings is given as a comma-separated list of pairs "
+"<quote>username:primary</quote> where <quote>username</quote> is a UNIX user "
+"name and <quote>primary</quote> is a user part of a kerberos principal. This "
+"mapping is used when user is authenticating using <quote>auth_provider = "
+"krb5</quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-krb5.5.xml:535
+#, no-wrap
+msgid ""
+"krb5_realm = REALM\n"
+"krb5_map_user = joe:juser,dick:richard\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:540
+msgid ""
+"<quote>joe</quote> and <quote>dick</quote> are UNIX user names and "
+"<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos "
+"principals. For user <quote>joe</quote> resp. <quote>dick</quote> SSSD will "
+"try to kinit as <quote>juser@REALM</quote> resp. <quote>richard@REALM</"
+"quote>."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:65
msgid ""
@@ -9148,7 +9329,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:521
+#: sssd-krb5.5.xml:566
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -9157,7 +9338,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:529
+#: sssd-krb5.5.xml:574
#, no-wrap
msgid ""
" [domain/FOO]\n"
diff --git a/src/man/po/cs.po b/src/man/po/cs.po
index 33b0358c2..38b2ff9d2 100644
--- a/src/man/po/cs.po
+++ b/src/man/po/cs.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sssd-docs 1.12.2\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2015-02-18 16:52+0100\n"
+"POT-Creation-Date: 2015-06-12 10:36+0200\n"
"PO-Revision-Date: 2014-06-04 02:04-0400\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Czech (http://www.transifex.com/projects/p/sssd/language/"
@@ -18,7 +18,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=3; plural=(n==1) ? 0 : (n>=2 && n<=4) ? 1 : 2;\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#. type: Content of: <reference><title>
#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5
@@ -225,11 +225,11 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:81 sssd.conf.5.xml:571 sssd.conf.5.xml:1014
+#: sssd.conf.5.xml:81 sssd.conf.5.xml:602 sssd.conf.5.xml:1066
#: sssd-ldap.5.xml:1625 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1784
-#: sssd-ldap.5.xml:2273 sssd-ldap.5.xml:2338 sssd-ldap.5.xml:2356
+#: sssd-ldap.5.xml:2324 sssd-ldap.5.xml:2389 sssd-ldap.5.xml:2407
#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:413 sssd-ad.5.xml:166 sssd-ad.5.xml:264
-#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:490
+#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:499
msgid "Default: true"
msgstr ""
@@ -246,16 +246,16 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:94 sssd.conf.5.xml:968 sssd.conf.5.xml:2043
+#: sssd.conf.5.xml:94 sssd.conf.5.xml:1020 sssd.conf.5.xml:2095
#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1499 sssd-ldap.5.xml:1518
-#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2060 sssd-ipa.5.xml:139
-#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:257
-#: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462
+#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2111 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471
msgid "Default: false"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2081
+#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2132
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
@@ -292,7 +292,7 @@ msgid "The [sssd] section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:137 sssd.conf.5.xml:2127
+#: sssd.conf.5.xml:137 sssd.conf.5.xml:2179
msgid "Section parameters"
msgstr ""
@@ -361,7 +361,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:193 sssd.conf.5.xml:1826
+#: sssd.conf.5.xml:193 sssd.conf.5.xml:1878
msgid "re_expression (string)"
msgstr ""
@@ -381,12 +381,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:210 sssd.conf.5.xml:1877
+#: sssd.conf.5.xml:210 sssd.conf.5.xml:1929
msgid "full_name_format (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:213 sssd.conf.5.xml:1880
+#: sssd.conf.5.xml:213 sssd.conf.5.xml:1932
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to compose a "
@@ -394,39 +394,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:224 sssd.conf.5.xml:1891
+#: sssd.conf.5.xml:224 sssd.conf.5.xml:1943
msgid "%1$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225 sssd.conf.5.xml:1892
+#: sssd.conf.5.xml:225 sssd.conf.5.xml:1944
msgid "user name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:228 sssd.conf.5.xml:1895
+#: sssd.conf.5.xml:228 sssd.conf.5.xml:1947
msgid "%2$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:231 sssd.conf.5.xml:1898
+#: sssd.conf.5.xml:231 sssd.conf.5.xml:1950
msgid "domain name as specified in the SSSD config file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:237 sssd.conf.5.xml:1904
+#: sssd.conf.5.xml:237 sssd.conf.5.xml:1956
msgid "%3$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:240 sssd.conf.5.xml:1907
+#: sssd.conf.5.xml:240 sssd.conf.5.xml:1959
msgid ""
"domain flat name. Mostly usable for Active Directory domains, both directly "
"configured or discovered via IPA trusts."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221 sssd.conf.5.xml:1888
+#: sssd.conf.5.xml:221 sssd.conf.5.xml:1940
msgid ""
"The following expansions are supported: <placeholder type=\"variablelist\" "
"id=\"0\"/>"
@@ -543,8 +543,8 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:336 sssd-ldap.5.xml:663 sssd-ldap.5.xml:1458
#: sssd-ldap.5.xml:1470 sssd-ldap.5.xml:1552 sssd-ad.5.xml:557
-#: sssd-ad.5.xml:627 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203
-#: include/ldap_id_mapping.xml:214
+#: sssd-ad.5.xml:627 sssd-krb5.5.xml:410 sssd-krb5.5.xml:550
+#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214
msgid "Default: not set"
msgstr ""
@@ -647,18 +647,18 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:427 sssd.conf.5.xml:443 sssd.conf.5.xml:475
-#: sssd.conf.5.xml:702 sssd.conf.5.xml:888 sssd.conf.5.xml:1209
+#: sssd.conf.5.xml:733 sssd.conf.5.xml:919 sssd.conf.5.xml:1261
#: sssd-ldap.5.xml:1200
msgid "Default: 60"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:432 sssd.conf.5.xml:1198
+#: sssd.conf.5.xml:432 sssd.conf.5.xml:1250
msgid "force_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:435 sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:435 sssd.conf.5.xml:1253
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -705,41 +705,93 @@ msgid ""
"will be forced to one hour."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:480
+msgid "subdomain_inherit (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:483
+msgid ""
+"Specifies a list of configuration parameters that should be inherited by a "
+"subdomain. Please note that only selected parameters can be inherited. "
+"Currently the following options can be inherited:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:489
+msgid "ignore_group_members"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:492
+msgid "ldap_purge_cache_timeout"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:495 sssd-ldap.5.xml:1017
+msgid "ldap_use_tokengroups"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:498
+msgid "ldap_user_principal"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:503
+#, no-wrap
+msgid ""
+"subdomain_inherit = ldap_purge_cache_timeout\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:501
+msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:507 sssd.conf.5.xml:963 sssd.conf.5.xml:984
+#: sssd.conf.5.xml:1244 sssd-ldap.5.xml:1753
+msgid "Default: none"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:484
+#: sssd.conf.5.xml:515
msgid "NSS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:486
+#: sssd.conf.5.xml:517
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:491
+#: sssd.conf.5.xml:522
msgid "enum_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:494
+#: sssd.conf.5.xml:525
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:498
+#: sssd.conf.5.xml:529
msgid "Default: 120"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:503
+#: sssd.conf.5.xml:534
msgid "entry_cache_nowait_percentage (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:506
+#: sssd.conf.5.xml:537
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -747,7 +799,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:512
+#: sssd.conf.5.xml:543
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -757,7 +809,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:553
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -766,17 +818,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:561
msgid "Default: 50"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:535
+#: sssd.conf.5.xml:566
msgid "entry_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:538
+#: sssd.conf.5.xml:569
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -784,17 +836,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:544 sssd.conf.5.xml:992
+#: sssd.conf.5.xml:575 sssd.conf.5.xml:1044
msgid "Default: 15"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:549
+#: sssd.conf.5.xml:580
msgid "filter_users, filter_groups (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:552
+#: sssd.conf.5.xml:583
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -803,41 +855,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:559
+#: sssd.conf.5.xml:590
msgid "Default: root"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:564
+#: sssd.conf.5.xml:595
msgid "filter_users_in_groups (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:598
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:609
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:612
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586
+#: sssd.conf.5.xml:617
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:592
+#: sssd.conf.5.xml:623
#, no-wrap
msgid ""
"fallback_homedir = /home/%u\n"
@@ -845,22 +897,23 @@ msgid ""
msgstr ""
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:590 include/override_homedir.xml:55
+#: sssd.conf.5.xml:621 sssd.conf.5.xml:978 sssd-krb5.5.xml:533
+#: include/override_homedir.xml:55
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596
+#: sssd.conf.5.xml:627
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:633
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:636
msgid ""
"Override the login shell for all users. This option supersedes any other "
"shell options if it takes effect and can be set either in the [nss] section "
@@ -868,47 +921,47 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:611
+#: sssd.conf.5.xml:642
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:617
+#: sssd.conf.5.xml:648
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:620
+#: sssd.conf.5.xml:651
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:654
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:627
+#: sssd.conf.5.xml:658
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:632
+#: sssd.conf.5.xml:663
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:637
+#: sssd.conf.5.xml:668
msgid "The wildcard (*) can be used to allow any shell."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:640
+#: sssd.conf.5.xml:671
msgid ""
"The (*) is useful if you want to use shell_fallback in case that user's "
"shell is not in <quote>/etc/shells</quote> and maintaining list of all "
@@ -916,103 +969,103 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:647
+#: sssd.conf.5.xml:678
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:650
+#: sssd.conf.5.xml:681
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:654
+#: sssd.conf.5.xml:685
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:659
+#: sssd.conf.5.xml:690
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:662
+#: sssd.conf.5.xml:693
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:667
+#: sssd.conf.5.xml:698
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:670
+#: sssd.conf.5.xml:701
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:705
msgid "Default: /bin/sh"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:679
+#: sssd.conf.5.xml:710
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:682
+#: sssd.conf.5.xml:713
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option can be specified globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:719
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:695 sssd.conf.5.xml:881
+#: sssd.conf.5.xml:726 sssd.conf.5.xml:912
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:698 sssd.conf.5.xml:884
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:915
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:707
+#: sssd.conf.5.xml:738
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710
+#: sssd.conf.5.xml:741
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:714 sssd-ldap.5.xml:706
+#: sssd.conf.5.xml:745 sssd-ldap.5.xml:706
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:719 sssd-ifp.5.xml:74
+#: sssd.conf.5.xml:750 sssd-ifp.5.xml:74
msgid "user_attributes (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:722
+#: sssd.conf.5.xml:753
msgid ""
"Some of the additional NSS responder requests can return more attributes "
"than just the POSIX ones defined by the NSS interface. The list of "
@@ -1023,72 +1076,72 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:735
+#: sssd.conf.5.xml:766
msgid ""
"To make configuration more easy the NSS responder will check the InfoPipe "
"option if it is not set for the NSS responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:740
+#: sssd.conf.5.xml:771
msgid "Default: not set, fallback to InfoPipe option"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:747
+#: sssd.conf.5.xml:778
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:749
+#: sssd.conf.5.xml:780
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:785
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:757
+#: sssd.conf.5.xml:788
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:762 sssd.conf.5.xml:775
+#: sssd.conf.5.xml:793 sssd.conf.5.xml:806
msgid "Default: 0 (No limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:768
+#: sssd.conf.5.xml:799
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:771
+#: sssd.conf.5.xml:802
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:781
+#: sssd.conf.5.xml:812
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:784
+#: sssd.conf.5.xml:815
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:789
+#: sssd.conf.5.xml:820
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -1096,59 +1149,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:795 sssd.conf.5.xml:848
+#: sssd.conf.5.xml:826 sssd.conf.5.xml:879
msgid "Default: 5"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:832
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:835
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:809
+#: sssd.conf.5.xml:840
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:843
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:815
+#: sssd.conf.5.xml:846
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
+#: sssd.conf.5.xml:850
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:822
+#: sssd.conf.5.xml:853
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:826 sssd.8.xml:63
+#: sssd.conf.5.xml:857 sssd.8.xml:63
msgid "Default: 1"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:831
+#: sssd.conf.5.xml:862
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:865
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1156,7 +1209,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:840
+#: sssd.conf.5.xml:871
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1165,17 +1218,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:854
+#: sssd.conf.5.xml:885
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:857 sssd.conf.5.xml:1390
+#: sssd.conf.5.xml:888 sssd.conf.5.xml:1442
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:860
+#: sssd.conf.5.xml:891
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1183,31 +1236,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:866 sssd.conf.5.xml:1393
+#: sssd.conf.5.xml:897 sssd.conf.5.xml:1445
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:871
+#: sssd.conf.5.xml:902
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876 sssd.8.xml:79
+#: sssd.conf.5.xml:907 sssd.8.xml:79
msgid "Default: 0"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:893
+#: sssd.conf.5.xml:924
msgid "pam_trusted_users (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:896
+#: sssd.conf.5.xml:927
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAM responder. User names are resolved to UIDs at "
@@ -1215,59 +1268,75 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:902
+#: sssd.conf.5.xml:933
msgid "Default: all (All users are allowed to access the PAM responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:906
+#: sssd.conf.5.xml:937
msgid ""
"Please note that UID 0 is always allowed to access the PAM responder even in "
"case it is not in the pam_trusted_users list."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:913
+#: sssd.conf.5.xml:944
msgid "pam_public_domains (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:947
msgid ""
"Specifies the comma-separated list of domain names that are accessible even "
"to untrusted users."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:920
+#: sssd.conf.5.xml:951
msgid "Two special values for pam_public_domains option are defined:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:955
msgid ""
"all (Untrusted users are allowed to access all domains in PAM responder.)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:959
msgid ""
"none (Untrusted users are not allowed to access any domains PAM in "
"responder.)"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:932 sssd.conf.5.xml:1192 sssd-ldap.5.xml:1753
-msgid "Default: none"
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:968
+msgid "pam_account_expired_message (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:971
+msgid ""
+"If user is authenticating using SSH keys and account is expired then by "
+"default 'Permission denied' is output. This output will be changed to "
+"content of this variable if it is set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:980
+#, no-wrap
+msgid ""
+"pam_account_expired_message = Account expired, please call help desk.\n"
+" "
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:941
+#: sssd.conf.5.xml:993
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:943
+#: sssd.conf.5.xml:995
msgid ""
"These options can be used to configure the sudo service. The detailed "
"instructions for configuration of <citerefentry> <refentrytitle>sudo</"
@@ -1278,34 +1347,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:1012
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:1015
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1028
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:978
+#: sssd.conf.5.xml:1030
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1034
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:985
+#: sssd.conf.5.xml:1037
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1313,51 +1382,51 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1001
+#: sssd.conf.5.xml:1053
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1003
+#: sssd.conf.5.xml:1055
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1007
+#: sssd.conf.5.xml:1059
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1010
+#: sssd.conf.5.xml:1062
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1019
+#: sssd.conf.5.xml:1071
msgid "ssh_known_hosts_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1022
+#: sssd.conf.5.xml:1074
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1026
+#: sssd.conf.5.xml:1078
msgid "Default: 180"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1086
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1036
+#: sssd.conf.5.xml:1088
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1369,7 +1438,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1045
+#: sssd.conf.5.xml:1097
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"determined with the help of the SID, trusted domains will have UPGs and the "
@@ -1380,24 +1449,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1053
+#: sssd.conf.5.xml:1105
msgid ""
"If there are SIDs of groups from domains sssd knows about, the user will be "
"added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1111
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1063 sssd-ifp.5.xml:50
+#: sssd.conf.5.xml:1115 sssd-ifp.5.xml:50
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1066
+#: sssd.conf.5.xml:1118
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1405,12 +1474,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1072
+#: sssd.conf.5.xml:1124
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1076
+#: sssd.conf.5.xml:1128
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1419,24 +1488,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1142
msgid "DOMAIN SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1149
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1100
+#: sssd.conf.5.xml:1152
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:1157
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1445,47 +1514,47 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1112
+#: sssd.conf.5.xml:1164
msgid ""
"These ID limits affect even saving entries to cache, not only returning them "
"by name or ID."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1116
+#: sssd.conf.5.xml:1168
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1122
+#: sssd.conf.5.xml:1174
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1125
+#: sssd.conf.5.xml:1177
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1181
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1132
+#: sssd.conf.5.xml:1184
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1135 sssd.conf.5.xml:1367 sssd.conf.5.xml:1476
-#: sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1187 sssd.conf.5.xml:1419 sssd.conf.5.xml:1528
+#: sssd.conf.5.xml:1545
msgid "Default: FALSE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138
+#: sssd.conf.5.xml:1190
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1497,14 +1566,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1151
+#: sssd.conf.5.xml:1203
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1156
+#: sssd.conf.5.xml:1208
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1513,39 +1582,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1164
+#: sssd.conf.5.xml:1216
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1172
+#: sssd.conf.5.xml:1224
msgid "subdomain_enumerate (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1179
+#: sssd.conf.5.xml:1231
msgid "all"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1180
+#: sssd.conf.5.xml:1232
msgid "All discovered trusted domains will be enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1183
+#: sssd.conf.5.xml:1235
msgid "none"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:1236
msgid "No discovered trusted domains will be enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1175
+#: sssd.conf.5.xml:1227
msgid ""
"Whether any of autodetected trusted domains should be enumerated. The "
"supported values are: <placeholder type=\"variablelist\" id=\"0\"/> "
@@ -1554,19 +1623,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1215
+#: sssd.conf.5.xml:1267
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1218
+#: sssd.conf.5.xml:1270
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1222
+#: sssd.conf.5.xml:1274
msgid ""
"The cache expiration timestamps are stored as attributes of individual "
"objects in the cache. Therefore, changing the cache timeout only has effect "
@@ -1577,150 +1646,151 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1235
+#: sssd.conf.5.xml:1287
msgid "Default: 5400"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1241
+#: sssd.conf.5.xml:1293
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1244
+#: sssd.conf.5.xml:1296
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248 sssd.conf.5.xml:1261 sssd.conf.5.xml:1274
-#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1300 sssd.conf.5.xml:1314
-#: sssd.conf.5.xml:1328
+#: sssd.conf.5.xml:1300 sssd.conf.5.xml:1313 sssd.conf.5.xml:1326
+#: sssd.conf.5.xml:1339 sssd.conf.5.xml:1352 sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1380
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1306
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1257
+#: sssd.conf.5.xml:1309
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1267
+#: sssd.conf.5.xml:1319
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1270
+#: sssd.conf.5.xml:1322
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1280
+#: sssd.conf.5.xml:1332
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1335
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1345
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1348
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1358
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1309
+#: sssd.conf.5.xml:1361
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1320
+#: sssd.conf.5.xml:1372
msgid "entry_cache_ssh_host_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1375
msgid ""
"How many seconds to keep a host ssh key after refresh. IE how long to cache "
"the host key for."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1334
+#: sssd.conf.5.xml:1386
msgid "refresh_expired_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1337
+#: sssd.conf.5.xml:1389
msgid ""
"Specifies how many seconds SSSD has to wait before triggering a background "
"refresh task which will refresh all expired or nearly expired records."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1342
-msgid "Currently only refreshing expired netgroups is supported."
+#: sssd.conf.5.xml:1394
+msgid ""
+"The background refresh will process users, groups and netgroups in the cache."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1398
msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350 sssd-ipa.5.xml:224
+#: sssd.conf.5.xml:1402 sssd-ipa.5.xml:224
msgid "Default: 0 (disabled)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1356
+#: sssd.conf.5.xml:1408
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1411
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1363
+#: sssd.conf.5.xml:1415
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1372
+#: sssd.conf.5.xml:1424
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1427
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1729,17 +1799,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1382
+#: sssd.conf.5.xml:1434
msgid "Default: 0 (unlimited)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1387
+#: sssd.conf.5.xml:1439
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1398
+#: sssd.conf.5.xml:1450
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1748,33 +1818,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1405
+#: sssd.conf.5.xml:1457
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1411
+#: sssd.conf.5.xml:1463
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1414
+#: sssd.conf.5.xml:1466
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1418
+#: sssd.conf.5.xml:1470
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1421 sssd.conf.5.xml:1539
+#: sssd.conf.5.xml:1473 sssd.conf.5.xml:1591
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1425
+#: sssd.conf.5.xml:1477
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1782,8 +1852,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433 sssd.conf.5.xml:1519 sssd.conf.5.xml:1574
-#: sssd.conf.5.xml:1627
+#: sssd.conf.5.xml:1485 sssd.conf.5.xml:1571 sssd.conf.5.xml:1626
+#: sssd.conf.5.xml:1679
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1792,8 +1862,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1442 sssd.conf.5.xml:1528 sssd.conf.5.xml:1583
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1494 sssd.conf.5.xml:1580 sssd.conf.5.xml:1635
+#: sssd.conf.5.xml:1688
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1801,19 +1871,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1505
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1508
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1461
+#: sssd.conf.5.xml:1513
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1822,7 +1892,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1521
msgid ""
"NOTE: This option has no effect on netgroup lookups due to their tendency to "
"include nested netgroups without qualified names. For netgroups, all domains "
@@ -1830,17 +1900,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1533
msgid "ignore_group_members (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1536
msgid "Do not return group members for group lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1487
+#: sssd.conf.5.xml:1539
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1848,19 +1918,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1550
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1501
+#: sssd.conf.5.xml:1553
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505 sssd.conf.5.xml:1567
+#: sssd.conf.5.xml:1557 sssd.conf.5.xml:1619
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1868,7 +1938,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1512
+#: sssd.conf.5.xml:1564
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1876,30 +1946,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1588
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1595
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1546
+#: sssd.conf.5.xml:1598
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1604
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1607
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1907,19 +1977,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1613
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1616
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1591
+#: sssd.conf.5.xml:1643
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1928,24 +1998,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1650
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1603
+#: sssd.conf.5.xml:1655
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1606
+#: sssd.conf.5.xml:1658
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1611
+#: sssd.conf.5.xml:1663
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1953,7 +2023,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1671
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1961,35 +2031,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1696
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1700
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1651
+#: sssd.conf.5.xml:1703
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1710
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1661
+#: sssd.conf.5.xml:1713
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1665
+#: sssd.conf.5.xml:1717
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1997,32 +2067,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1725
msgid ""
"<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default "
"settings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1729
msgid ""
"<quote>ad</quote> the same as <quote>ldap</quote> but with AD default "
"settings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1681
+#: sssd.conf.5.xml:1733
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1684 sssd.conf.5.xml:1762 sssd.conf.5.xml:1794
-#: sssd.conf.5.xml:1819
+#: sssd.conf.5.xml:1736 sssd.conf.5.xml:1814 sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1871
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1688
+#: sssd.conf.5.xml:1740
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -2033,12 +2103,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1757
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1760
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -2046,7 +2116,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1714
+#: sssd.conf.5.xml:1766
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2054,31 +2124,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1722
+#: sssd.conf.5.xml:1774
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1725
+#: sssd.conf.5.xml:1777
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1731
+#: sssd.conf.5.xml:1783
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1734
+#: sssd.conf.5.xml:1786
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740
+#: sssd.conf.5.xml:1792
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2086,7 +2156,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1749
+#: sssd.conf.5.xml:1801
msgid ""
"<quote>ad</quote> to load a list of subdomains from an Active Directory "
"server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> "
@@ -2095,23 +2165,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1810
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1769
+#: sssd.conf.5.xml:1821
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1772
+#: sssd.conf.5.xml:1824
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1828
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2119,7 +2189,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1783
+#: sssd.conf.5.xml:1835
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2127,24 +2197,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1843
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1853
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1804
+#: sssd.conf.5.xml:1856
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1808
+#: sssd.conf.5.xml:1860
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2152,12 +2222,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1816
+#: sssd.conf.5.xml:1868
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1829
+#: sssd.conf.5.xml:1881
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components. The \"domain\" can "
@@ -2167,7 +2237,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1838
+#: sssd.conf.5.xml:1890
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -2176,29 +2246,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1843
+#: sssd.conf.5.xml:1895
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1898
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1849
+#: sssd.conf.5.xml:1901
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1852
+#: sssd.conf.5.xml:1904
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1857
+#: sssd.conf.5.xml:1909
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -2206,7 +2276,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1863
+#: sssd.conf.5.xml:1915
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -2214,66 +2284,66 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1870
+#: sssd.conf.5.xml:1922
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1917
+#: sssd.conf.5.xml:1969
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1923
+#: sssd.conf.5.xml:1975
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1926
+#: sssd.conf.5.xml:1978
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1930
+#: sssd.conf.5.xml:1982
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1933
+#: sssd.conf.5.xml:1985
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1936
+#: sssd.conf.5.xml:1988
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1939
+#: sssd.conf.5.xml:1991
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1942
+#: sssd.conf.5.xml:1994
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1945
+#: sssd.conf.5.xml:1997
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1951
+#: sssd.conf.5.xml:2003
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1954
+#: sssd.conf.5.xml:2006
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -2281,70 +2351,70 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1960 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
-#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:239
+#: sssd.conf.5.xml:2012 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
+#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:248
msgid "Default: 6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1966
+#: sssd.conf.5.xml:2018
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1969
+#: sssd.conf.5.xml:2021
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1973
+#: sssd.conf.5.xml:2025
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1979
+#: sssd.conf.5.xml:2031
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1982
+#: sssd.conf.5.xml:2034
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1988
+#: sssd.conf.5.xml:2040
msgid "case_sensitive (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1996
+#: sssd.conf.5.xml:2048
msgid "True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1999
+#: sssd.conf.5.xml:2051
msgid "Case sensitive. This value is invalid for AD provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2005
+#: sssd.conf.5.xml:2057
msgid "False"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2007
+#: sssd.conf.5.xml:2059
msgid "Case insensitive."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2011
+#: sssd.conf.5.xml:2063
msgid "Preserving"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2014
+#: sssd.conf.5.xml:2066
msgid ""
"Same as False (case insensitive), but does not lowercase names in the result "
"of NSS operations. Note that name aliases (and in case of services also "
@@ -2352,7 +2422,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1991
+#: sssd.conf.5.xml:2043
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider. Possible option values are: "
@@ -2360,17 +2430,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2026
+#: sssd.conf.5.xml:2078
msgid "Default: True (False for AD provider)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2032
+#: sssd.conf.5.xml:2084
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2035
+#: sssd.conf.5.xml:2087
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2379,22 +2449,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2049
+#: sssd.conf.5.xml:2101
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2060
+#: sssd.conf.5.xml:2112
msgid "%F"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2061
+#: sssd.conf.5.xml:2113
msgid "flat (NetBIOS) name of a subdomain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2052
+#: sssd.conf.5.xml:2104
msgid ""
"Use this homedir as default value for all subdomains within this domain in "
"IPA AD trust. See <emphasis>override_homedir</emphasis> for info about "
@@ -2404,29 +2474,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2066
+#: sssd.conf.5.xml:2118
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2070
+#: sssd.conf.5.xml:2122
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2075
+#: sssd.conf.5.xml:2127
msgid "realmd_tags (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2078
+#: sssd.conf.5.xml:2130
msgid ""
"Various tags stored by the realmd configuration service for this domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1092
+#: sssd.conf.5.xml:1144
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2434,29 +2504,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2091
+#: sssd.conf.5.xml:2143
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2094
+#: sssd.conf.5.xml:2146
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2097
+#: sssd.conf.5.xml:2149
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2105
+#: sssd.conf.5.xml:2157
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2108
+#: sssd.conf.5.xml:2160
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2464,19 +2534,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2087
+#: sssd.conf.5.xml:2139
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:2120
+#: sssd.conf.5.xml:2172
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:2122
+#: sssd.conf.5.xml:2174
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2484,73 +2554,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2129
+#: sssd.conf.5.xml:2181
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2132
+#: sssd.conf.5.xml:2184
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2136
+#: sssd.conf.5.xml:2188
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2141
+#: sssd.conf.5.xml:2193
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2144
+#: sssd.conf.5.xml:2196
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2149
+#: sssd.conf.5.xml:2201
msgid "Default: <filename>/home</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2154
+#: sssd.conf.5.xml:2206
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2157
+#: sssd.conf.5.xml:2209
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2173
+#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2225
msgid "Default: TRUE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2166
+#: sssd.conf.5.xml:2218
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2169
+#: sssd.conf.5.xml:2221
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2178
+#: sssd.conf.5.xml:2230
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2181
+#: sssd.conf.5.xml:2233
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2558,17 +2628,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2189
+#: sssd.conf.5.xml:2241
msgid "Default: 077"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2194
+#: sssd.conf.5.xml:2246
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2197
+#: sssd.conf.5.xml:2249
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2577,17 +2647,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2207
+#: sssd.conf.5.xml:2259
msgid "Default: <filename>/etc/skel</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2212
+#: sssd.conf.5.xml:2264
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2215
+#: sssd.conf.5.xml:2267
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2595,17 +2665,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2222
+#: sssd.conf.5.xml:2274
msgid "Default: <filename>/var/mail</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2227
+#: sssd.conf.5.xml:2279
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2230
+#: sssd.conf.5.xml:2282
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2613,19 +2683,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2236
+#: sssd.conf.5.xml:2288
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:2246 sssd-ldap.5.xml:2518 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:519
+#: sssd.conf.5.xml:2298 sssd-ldap.5.xml:2569 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:564
#: sss_rpcidmapd.5.xml:98
msgid "EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:2252
+#: sssd.conf.5.xml:2304
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2655,7 +2725,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2248
+#: sssd.conf.5.xml:2300
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -3494,7 +3564,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:738 sssd-ldap.5.xml:831 sssd-ldap.5.xml:1058
-#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2102 sssd-ldap.5.xml:2441
+#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2153 sssd-ldap.5.xml:2492
#: sssd-ipa.5.xml:591
msgid "Default: cn"
msgstr ""
@@ -3775,11 +3845,6 @@ msgid ""
"dealing with complex or deep nested groups)."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1017
-msgid "ldap_use_tokengroups"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1020
msgid ""
@@ -4014,7 +4079,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2259
+#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2310
msgid "Default: 900 (15 minutes)"
msgstr ""
@@ -4465,7 +4530,7 @@ msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:453
+#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:462
msgid "krb5_canonicalize (boolean)"
msgstr ""
@@ -4477,12 +4542,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:468
+#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:477
msgid "krb5_use_kdcinfo (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:471
+#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:480
msgid ""
"Specifies if the SSSD should instruct the Kerberos libraries what realm and "
"which KDCs to use. This option is on by default, if you disable it, you need "
@@ -4492,7 +4557,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:482
+#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:491
msgid ""
"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
@@ -4760,40 +4825,93 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1958
+msgid ""
+"<emphasis> Please note that this option is superseded by the <quote>ppolicy</"
+"quote> option and might be removed in a future release. </emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1965
+msgid ""
+"<emphasis>ppolicy</emphasis>: use account locking. If set, this option "
+"denies access in case that ldap attribute 'pwdAccountLockedTime' is present "
+"and has value of '000001010000Z' or represents any time in the past. The "
+"value of the 'pwdAccountLockedTime' attribute must end with 'Z', which "
+"denotes the UTC time zone. Other time zones are not currently supported and "
+"will result in \"access-denied\" when users attempt to log in. Please see "
+"the option ldap_pwdlockout_dn. Please note that 'access_provider = ldap' "
+"must be set for this feature to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1982
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1962
+#: sssd-ldap.5.xml:1986
+msgid ""
+"<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, "
+"pwd_expire_policy_renew: </emphasis> These options are useful if users are "
+"interested in being warned that password is about to expire and "
+"authentication is based on using a different method than passwords - for "
+"example SSH keys."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1996
+msgid ""
+"The difference between these options is the action taken if user password is "
+"expired: pwd_expire_policy_reject - user is denied to log in, "
+"pwd_expire_policy_warn - user is still able to log in, "
+"pwd_expire_policy_renew - user is prompted to change his password "
+"immediately."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2004
+msgid ""
+"Note If user password is expired no explicit message is prompted by SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2008
+msgid ""
+"Please note that 'access_provider = ldap' must be set for this feature to "
+"work. Also 'ldap_pwd_policy' must be set to an appropriate password policy."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2013
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2018
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1971
+#: sssd-ldap.5.xml:2022
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1974
+#: sssd-ldap.5.xml:2025
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1981
+#: sssd-ldap.5.xml:2032
msgid "ldap_pwdlockout_dn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2035
msgid ""
"This option specifies the DN of password policy entry on LDAP server. Please "
"note that absence of this option in sssd.conf in case of enabled account "
@@ -4802,74 +4920,74 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1992
+#: sssd-ldap.5.xml:2043
msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1995
+#: sssd-ldap.5.xml:2046
msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2001
+#: sssd-ldap.5.xml:2052
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2004
+#: sssd-ldap.5.xml:2055
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2009
+#: sssd-ldap.5.xml:2060
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013
+#: sssd-ldap.5.xml:2064
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018
+#: sssd-ldap.5.xml:2069
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2023
+#: sssd-ldap.5.xml:2074
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2028
+#: sssd-ldap.5.xml:2079
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2036
+#: sssd-ldap.5.xml:2087
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2039
+#: sssd-ldap.5.xml:2090
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2094
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -4880,7 +4998,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2054
+#: sssd-ldap.5.xml:2105
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -4898,12 +5016,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2070
+#: sssd-ldap.5.xml:2121
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2123
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -4911,208 +5029,208 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2083
+#: sssd-ldap.5.xml:2134
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2086
+#: sssd-ldap.5.xml:2137
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2089
+#: sssd-ldap.5.xml:2140
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2095
+#: sssd-ldap.5.xml:2146
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2098
+#: sssd-ldap.5.xml:2149
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2108
+#: sssd-ldap.5.xml:2159
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2111
+#: sssd-ldap.5.xml:2162
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2166
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2172
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2124
+#: sssd-ldap.5.xml:2175
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2129
+#: sssd-ldap.5.xml:2180
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2186
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2138
+#: sssd-ldap.5.xml:2189
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2193
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2148
+#: sssd-ldap.5.xml:2199
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2202
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2155
+#: sssd-ldap.5.xml:2206
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2161
+#: sssd-ldap.5.xml:2212
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2215
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2168
+#: sssd-ldap.5.xml:2219
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2174
+#: sssd-ldap.5.xml:2225
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2228
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2181
+#: sssd-ldap.5.xml:2232
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2187
+#: sssd-ldap.5.xml:2238
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2241
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194
+#: sssd-ldap.5.xml:2245
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2200
+#: sssd-ldap.5.xml:2251
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2203
+#: sssd-ldap.5.xml:2254
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2259
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2214
+#: sssd-ldap.5.xml:2265
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2217
+#: sssd-ldap.5.xml:2268
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2221
+#: sssd-ldap.5.xml:2272
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2227
+#: sssd-ldap.5.xml:2278
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2230
+#: sssd-ldap.5.xml:2281
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2235
+#: sssd-ldap.5.xml:2286
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2240
+#: sssd-ldap.5.xml:2291
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2246
+#: sssd-ldap.5.xml:2297
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2249
+#: sssd-ldap.5.xml:2300
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -5120,101 +5238,101 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2255
+#: sssd-ldap.5.xml:2306
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2265
+#: sssd-ldap.5.xml:2316
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2268
+#: sssd-ldap.5.xml:2319
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2279
+#: sssd-ldap.5.xml:2330
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2333
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2287
+#: sssd-ldap.5.xml:2338
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2292 sssd-ldap.5.xml:2315 sssd-ldap.5.xml:2333
-#: sssd-ldap.5.xml:2351
+#: sssd-ldap.5.xml:2343 sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2402
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2320
+#: sssd-ldap.5.xml:2348 sssd-ldap.5.xml:2371
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2303
+#: sssd-ldap.5.xml:2354
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2306
+#: sssd-ldap.5.xml:2357
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2311
+#: sssd-ldap.5.xml:2362
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2326
+#: sssd-ldap.5.xml:2377
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2329
+#: sssd-ldap.5.xml:2380
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2344
+#: sssd-ldap.5.xml:2395
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2347
+#: sssd-ldap.5.xml:2398
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2363
+#: sssd-ldap.5.xml:2414
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -5223,91 +5341,91 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2373
+#: sssd-ldap.5.xml:2424
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2375
+#: sssd-ldap.5.xml:2426
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2381
+#: sssd-ldap.5.xml:2432
msgid "ldap_autofs_map_master_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2435
msgid "The name of the automount master map in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2387
+#: sssd-ldap.5.xml:2438
msgid "Default: auto.master"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2394
+#: sssd-ldap.5.xml:2445
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2397 sssd-ldap.5.xml:2423
+#: sssd-ldap.5.xml:2448 sssd-ldap.5.xml:2474
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2400 sssd-ldap.5.xml:2427
+#: sssd-ldap.5.xml:2451 sssd-ldap.5.xml:2478
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2407
+#: sssd-ldap.5.xml:2458
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2410
+#: sssd-ldap.5.xml:2461
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2413
+#: sssd-ldap.5.xml:2464
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2420
+#: sssd-ldap.5.xml:2471
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2434
+#: sssd-ldap.5.xml:2485
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2437 sssd-ldap.5.xml:2451
+#: sssd-ldap.5.xml:2488 sssd-ldap.5.xml:2502
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2448
+#: sssd-ldap.5.xml:2499
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2455
+#: sssd-ldap.5.xml:2506
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2379
+#: sssd-ldap.5.xml:2430
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -5316,32 +5434,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2465
+#: sssd-ldap.5.xml:2516
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2472
+#: sssd-ldap.5.xml:2523
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2477
+#: sssd-ldap.5.xml:2528
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2482
+#: sssd-ldap.5.xml:2533
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note>
-#: sssd-ldap.5.xml:2487
+#: sssd-ldap.5.xml:2538
msgid "<note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para>
-#: sssd-ldap.5.xml:2489
+#: sssd-ldap.5.xml:2540
msgid ""
"If the option <quote>ldap_use_tokengroups</quote> is enabled. The searches "
"against Active Directory will not be restricted and return all groups "
@@ -5350,22 +5468,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist>
-#: sssd-ldap.5.xml:2496
+#: sssd-ldap.5.xml:2547
msgid "</note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2498
+#: sssd-ldap.5.xml:2549
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2503
+#: sssd-ldap.5.xml:2554
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2467
+#: sssd-ldap.5.xml:2518
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -5374,7 +5492,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2520
+#: sssd-ldap.5.xml:2571
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -5382,7 +5500,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2526
+#: sssd-ldap.5.xml:2577
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5395,26 +5513,26 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2525 sssd-ldap.5.xml:2543 sssd-simple.5.xml:139
+#: sssd-ldap.5.xml:2576 sssd-ldap.5.xml:2594 sssd-simple.5.xml:139
#: sssd-ipa.5.xml:726 sssd-ad.5.xml:851 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98
-#: sssd-krb5.5.xml:528 include/ldap_id_mapping.xml:105
+#: sssd-krb5.5.xml:573 include/ldap_id_mapping.xml:105
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2537
+#: sssd-ldap.5.xml:2588
msgid "LDAP ACCESS FILTER EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2539
+#: sssd-ldap.5.xml:2590
msgid ""
"The following example assumes that SSSD is correctly configured and to use "
"the ldap_access_order=lockout."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2544
+#: sssd-ldap.5.xml:2595
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5430,13 +5548,13 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2559 sssd_krb5_locator_plugin.8.xml:61
+#: sssd-ldap.5.xml:2610 sssd_krb5_locator_plugin.8.xml:61
#: sssd-simple.5.xml:148 sssd-ad.5.xml:866 sssd.8.xml:195 sss_seed.8.xml:163
msgid "NOTES"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2561
+#: sssd-ldap.5.xml:2612
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -6198,7 +6316,7 @@ msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:245
+#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:254
msgid "krb5_validate (boolean)"
msgstr ""
@@ -6239,12 +6357,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:407
+#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:416
msgid "krb5_use_fast (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:410
+#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:419
msgid ""
"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
"authentication. The following options are supported:"
@@ -6264,7 +6382,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:424
+#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:433
msgid ""
"<emphasis>demand</emphasis> to use FAST. The authentication fails if the "
"server does not require fast."
@@ -6276,7 +6394,7 @@ msgid "Default: try"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:435
+#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:444
msgid ""
"NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If "
"SSSD is used with an older version of MIT Kerberos, using this option is a "
@@ -7360,12 +7478,12 @@ msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:797 sssd-krb5.5.xml:496
+#: sssd-ad.5.xml:797 sssd-krb5.5.xml:505
msgid "krb5_use_enterprise_principal (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:800 sssd-krb5.5.xml:499
+#: sssd-ad.5.xml:800 sssd-krb5.5.xml:508
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
@@ -8308,16 +8426,24 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:225
+msgid ""
+"NOTE: Please be aware that libkrb5 ccache expansion template from "
+"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> uses different expansion sequences than SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:234
msgid "Default: (from libkrb5)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:231
+#: sssd-krb5.5.xml:240
msgid "krb5_auth_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:234
+#: sssd-krb5.5.xml:243
msgid ""
"Timeout in seconds after an online authentication request or change password "
"request is aborted. If possible, the authentication request is continued "
@@ -8325,7 +8451,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:248
+#: sssd-krb5.5.xml:257
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed. The keytab is checked for entries sequentially, and the first entry "
@@ -8336,36 +8462,36 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:263
+#: sssd-krb5.5.xml:272
msgid "krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:275
msgid ""
"The location of the keytab to use when validating credentials obtained from "
"KDCs."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:270
+#: sssd-krb5.5.xml:279
msgid "Default: /etc/krb5.keytab"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:276
+#: sssd-krb5.5.xml:285
msgid "krb5_store_password_if_offline (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:279
+#: sssd-krb5.5.xml:288
msgid ""
"Store the password of the user if the provider is offline and use it to "
"request a TGT when the provider comes online again."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:284
+#: sssd-krb5.5.xml:293
msgid ""
"NOTE: this feature is only available on Linux. Passwords stored in this way "
"are kept in plaintext in the kernel keyring and are potentially accessible "
@@ -8373,91 +8499,91 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:297
+#: sssd-krb5.5.xml:306
msgid "krb5_renewable_lifetime (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:300
+#: sssd-krb5.5.xml:309
msgid ""
"Request a renewable ticket with a total lifetime, given as an integer "
"immediately followed by a time unit:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:305 sssd-krb5.5.xml:339 sssd-krb5.5.xml:376
+#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
msgid "<emphasis>s</emphasis> for seconds"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:308 sssd-krb5.5.xml:342 sssd-krb5.5.xml:379
+#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:351 sssd-krb5.5.xml:388
msgid "<emphasis>m</emphasis> for minutes"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:311 sssd-krb5.5.xml:345 sssd-krb5.5.xml:382
+#: sssd-krb5.5.xml:320 sssd-krb5.5.xml:354 sssd-krb5.5.xml:391
msgid "<emphasis>h</emphasis> for hours"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
+#: sssd-krb5.5.xml:323 sssd-krb5.5.xml:357 sssd-krb5.5.xml:394
msgid "<emphasis>d</emphasis> for days."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:388
+#: sssd-krb5.5.xml:326 sssd-krb5.5.xml:397
msgid "If there is no unit given, <emphasis>s</emphasis> is assumed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:321 sssd-krb5.5.xml:392
+#: sssd-krb5.5.xml:330 sssd-krb5.5.xml:401
msgid ""
"NOTE: It is not possible to mix units. To set the renewable lifetime to one "
"and a half hours, use '90m' instead of '1h30m'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:326
+#: sssd-krb5.5.xml:335
msgid "Default: not set, i.e. the TGT is not renewable"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:332
+#: sssd-krb5.5.xml:341
msgid "krb5_lifetime (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:335
+#: sssd-krb5.5.xml:344
msgid ""
"Request ticket with a lifetime, given as an integer immediately followed by "
"a time unit:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:351
+#: sssd-krb5.5.xml:360
msgid "If there is no unit given <emphasis>s</emphasis> is assumed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:355
+#: sssd-krb5.5.xml:364
msgid ""
"NOTE: It is not possible to mix units. To set the lifetime to one and a "
"half hours please use '90m' instead of '1h30m'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:360
+#: sssd-krb5.5.xml:369
msgid ""
"Default: not set, i.e. the default ticket lifetime configured on the KDC."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:367
+#: sssd-krb5.5.xml:376
msgid "krb5_renew_interval (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:370
+#: sssd-krb5.5.xml:379
msgid ""
"The time in seconds between two checks if the TGT should be renewed. TGTs "
"are renewed if about half of their lifetime is exceeded, given as an integer "
@@ -8465,56 +8591,89 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:397
+#: sssd-krb5.5.xml:406
msgid "If this option is not set or is 0 the automatic renewal is disabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:415
+#: sssd-krb5.5.xml:424
msgid ""
"<emphasis>never</emphasis> use FAST. This is equivalent to not setting this "
"option at all."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:419
+#: sssd-krb5.5.xml:428
msgid ""
"<emphasis>try</emphasis> to use FAST. If the server does not support FAST, "
"continue the authentication without it."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:429
+#: sssd-krb5.5.xml:438
msgid "Default: not set, i.e. FAST is not used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:432
+#: sssd-krb5.5.xml:441
msgid "NOTE: a keytab is required to use FAST."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:444
+#: sssd-krb5.5.xml:453
msgid "krb5_fast_principal (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:447
+#: sssd-krb5.5.xml:456
msgid "Specifies the server principal to use for FAST."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:456
+#: sssd-krb5.5.xml:465
msgid ""
"Specifies if the host and user principal should be canonicalized. This "
"feature is available with MIT Kerberos 1.7 and later versions."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:505
+#: sssd-krb5.5.xml:514
msgid "Default: false (AD provider: true)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:520
+msgid "krb5_map_user (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:523
+msgid ""
+"The list of mappings is given as a comma-separated list of pairs "
+"<quote>username:primary</quote> where <quote>username</quote> is a UNIX user "
+"name and <quote>primary</quote> is a user part of a kerberos principal. This "
+"mapping is used when user is authenticating using <quote>auth_provider = "
+"krb5</quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-krb5.5.xml:535
+#, no-wrap
+msgid ""
+"krb5_realm = REALM\n"
+"krb5_map_user = joe:juser,dick:richard\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:540
+msgid ""
+"<quote>joe</quote> and <quote>dick</quote> are UNIX user names and "
+"<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos "
+"principals. For user <quote>joe</quote> resp. <quote>dick</quote> SSSD will "
+"try to kinit as <quote>juser@REALM</quote> resp. <quote>richard@REALM</"
+"quote>."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:65
msgid ""
@@ -8526,7 +8685,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:521
+#: sssd-krb5.5.xml:566
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -8535,7 +8694,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:529
+#: sssd-krb5.5.xml:574
#, no-wrap
msgid ""
" [domain/FOO]\n"
diff --git a/src/man/po/de.po b/src/man/po/de.po
index 3a9425f8b..b05db61af 100644
--- a/src/man/po/de.po
+++ b/src/man/po/de.po
@@ -10,7 +10,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sssd-docs 1.12.2\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2015-02-18 16:52+0100\n"
+"POT-Creation-Date: 2015-06-12 10:36+0200\n"
"PO-Revision-Date: 2014-06-09 02:21-0400\n"
"Last-Translator: Mario Blättermann <mario.blaettermann@gmail.com>\n"
"Language-Team: German (http://www.transifex.com/projects/p/sssd/language/"
@@ -20,7 +20,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#. type: Content of: <reference><title>
#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5
@@ -260,11 +260,11 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:81 sssd.conf.5.xml:571 sssd.conf.5.xml:1014
+#: sssd.conf.5.xml:81 sssd.conf.5.xml:602 sssd.conf.5.xml:1066
#: sssd-ldap.5.xml:1625 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1784
-#: sssd-ldap.5.xml:2273 sssd-ldap.5.xml:2338 sssd-ldap.5.xml:2356
+#: sssd-ldap.5.xml:2324 sssd-ldap.5.xml:2389 sssd-ldap.5.xml:2407
#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:413 sssd-ad.5.xml:166 sssd-ad.5.xml:264
-#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:490
+#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:499
msgid "Default: true"
msgstr "Voreinstellung: »true«"
@@ -281,16 +281,16 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:94 sssd.conf.5.xml:968 sssd.conf.5.xml:2043
+#: sssd.conf.5.xml:94 sssd.conf.5.xml:1020 sssd.conf.5.xml:2095
#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1499 sssd-ldap.5.xml:1518
-#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2060 sssd-ipa.5.xml:139
-#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:257
-#: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462
+#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2111 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471
msgid "Default: false"
msgstr "Voreinstellung: »false«"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2081
+#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2132
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr "<placeholder type=\"variablelist\" id=\"0\"/>"
@@ -330,7 +330,7 @@ msgid "The [sssd] section"
msgstr "Der Abschnitt [sssd]"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:137 sssd.conf.5.xml:2127
+#: sssd.conf.5.xml:137 sssd.conf.5.xml:2179
msgid "Section parameters"
msgstr "Abschnittsparameter"
@@ -423,7 +423,7 @@ msgstr ""
"Gedankenstrichen und Unterstrichen bestehen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:193 sssd.conf.5.xml:1826
+#: sssd.conf.5.xml:193 sssd.conf.5.xml:1878
msgid "re_expression (string)"
msgstr "re_expression (Zeichenkette)"
@@ -450,12 +450,12 @@ msgstr ""
"unter DOMAIN-ABSCHNITTE."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:210 sssd.conf.5.xml:1877
+#: sssd.conf.5.xml:210 sssd.conf.5.xml:1929
msgid "full_name_format (string)"
msgstr "full_name_format (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:213 sssd.conf.5.xml:1880
+#: sssd.conf.5.xml:213 sssd.conf.5.xml:1932
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to compose a "
@@ -467,32 +467,32 @@ msgstr ""
"zusammengestellt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:224 sssd.conf.5.xml:1891
+#: sssd.conf.5.xml:224 sssd.conf.5.xml:1943
msgid "%1$s"
msgstr "%1$s"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225 sssd.conf.5.xml:1892
+#: sssd.conf.5.xml:225 sssd.conf.5.xml:1944
msgid "user name"
msgstr "Benutzername"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:228 sssd.conf.5.xml:1895
+#: sssd.conf.5.xml:228 sssd.conf.5.xml:1947
msgid "%2$s"
msgstr "%2$s"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:231 sssd.conf.5.xml:1898
+#: sssd.conf.5.xml:231 sssd.conf.5.xml:1950
msgid "domain name as specified in the SSSD config file."
msgstr "Domain-Name, wie er durch die SSSD-Konfigurationsdatei angegeben wird"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:237 sssd.conf.5.xml:1904
+#: sssd.conf.5.xml:237 sssd.conf.5.xml:1956
msgid "%3$s"
msgstr "%3$s"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:240 sssd.conf.5.xml:1907
+#: sssd.conf.5.xml:240 sssd.conf.5.xml:1959
msgid ""
"domain flat name. Mostly usable for Active Directory domains, both directly "
"configured or discovered via IPA trusts."
@@ -501,7 +501,7 @@ msgstr ""
"direkt konfiguriert als auch über IPA-Trust"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221 sssd.conf.5.xml:1888
+#: sssd.conf.5.xml:221 sssd.conf.5.xml:1940
msgid ""
"The following expansions are supported: <placeholder type=\"variablelist\" "
"id=\"0\"/>"
@@ -655,8 +655,8 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:336 sssd-ldap.5.xml:663 sssd-ldap.5.xml:1458
#: sssd-ldap.5.xml:1470 sssd-ldap.5.xml:1552 sssd-ad.5.xml:557
-#: sssd-ad.5.xml:627 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203
-#: include/ldap_id_mapping.xml:214
+#: sssd-ad.5.xml:627 sssd-krb5.5.xml:410 sssd-krb5.5.xml:550
+#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214
msgid "Default: not set"
msgstr "Voreinstellung: nicht gesetzt"
@@ -779,18 +779,18 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:427 sssd.conf.5.xml:443 sssd.conf.5.xml:475
-#: sssd.conf.5.xml:702 sssd.conf.5.xml:888 sssd.conf.5.xml:1209
+#: sssd.conf.5.xml:733 sssd.conf.5.xml:919 sssd.conf.5.xml:1261
#: sssd-ldap.5.xml:1200
msgid "Default: 60"
msgstr "Voreinstellung: 60"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:432 sssd.conf.5.xml:1198
+#: sssd.conf.5.xml:432 sssd.conf.5.xml:1250
msgid "force_timeout (integer)"
msgstr "force_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:435 sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:435 sssd.conf.5.xml:1253
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -842,13 +842,80 @@ msgid ""
"will be forced to one hour."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:480
+#, fuzzy
+#| msgid "subdomain_enumerate (string)"
+msgid "subdomain_inherit (string)"
+msgstr "subdomain_enumerate (Zeichenkette)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:483
+msgid ""
+"Specifies a list of configuration parameters that should be inherited by a "
+"subdomain. Please note that only selected parameters can be inherited. "
+"Currently the following options can be inherited:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:489
+#, fuzzy
+#| msgid "ignore_group_members (bool)"
+msgid "ignore_group_members"
+msgstr "ignore_group_members (Boolesch)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:492
+#, fuzzy
+#| msgid "ldap_purge_cache_timeout (integer)"
+msgid "ldap_purge_cache_timeout"
+msgstr "ldap_purge_cache_timeout (Ganzzahl)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:495 sssd-ldap.5.xml:1017
+msgid "ldap_use_tokengroups"
+msgstr "ldap_use_tokengroups"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:498
+#, fuzzy
+#| msgid "ldap_user_principal (string)"
+msgid "ldap_user_principal"
+msgstr "ldap_user_principal (Zeichenkette)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:503
+#, fuzzy, no-wrap
+#| msgid ""
+#| "fallback_homedir = /home/%u\n"
+#| " "
+msgid ""
+"subdomain_inherit = ldap_purge_cache_timeout\n"
+" "
+msgstr ""
+"fallback_homedir = /home/%u\n"
+" "
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:501
+#, fuzzy
+#| msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr "Beispiel: <placeholder type=\"programlisting\" id=\"0\"/>"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:507 sssd.conf.5.xml:963 sssd.conf.5.xml:984
+#: sssd.conf.5.xml:1244 sssd-ldap.5.xml:1753
+msgid "Default: none"
+msgstr "Voreinstellung: none"
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:484
+#: sssd.conf.5.xml:515
msgid "NSS configuration options"
msgstr "NSS-Konfigurationsoptionen"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:486
+#: sssd.conf.5.xml:517
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
@@ -856,12 +923,12 @@ msgstr ""
"benutzt werden"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:491
+#: sssd.conf.5.xml:522
msgid "enum_cache_timeout (integer)"
msgstr "enum_cache_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:494
+#: sssd.conf.5.xml:525
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
@@ -870,17 +937,17 @@ msgstr ""
"über alle Nutzer) zwischenspeichern?"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:498
+#: sssd.conf.5.xml:529
msgid "Default: 120"
msgstr "Voreinstellung: 120"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:503
+#: sssd.conf.5.xml:534
msgid "entry_cache_nowait_percentage (integer)"
msgstr "entry_cache_nowait_percentage (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:506
+#: sssd.conf.5.xml:537
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -892,7 +959,7 @@ msgstr ""
"werden."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:512
+#: sssd.conf.5.xml:543
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -909,7 +976,7 @@ msgstr ""
"Zwischenspeicheraktualisierung zu warten."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:553
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -922,17 +989,17 @@ msgstr ""
"Sekunden senken. (0 schaltet diese Funktionalität aus.)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:561
msgid "Default: 50"
msgstr "Voreinstellung: 50"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:535
+#: sssd.conf.5.xml:566
msgid "entry_negative_timeout (integer)"
msgstr "entry_negative_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:538
+#: sssd.conf.5.xml:569
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -944,17 +1011,17 @@ msgstr ""
"Backend erneut gefragt wird)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:544 sssd.conf.5.xml:992
+#: sssd.conf.5.xml:575 sssd.conf.5.xml:1044
msgid "Default: 15"
msgstr "Voreinstellung: 15"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:549
+#: sssd.conf.5.xml:580
msgid "filter_users, filter_groups (string)"
msgstr "filter_users, filter_groups (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:552
+#: sssd.conf.5.xml:583
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -967,17 +1034,17 @@ msgstr ""
"von einer bestimmten Domain herauszufiltern."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:559
+#: sssd.conf.5.xml:590
msgid "Default: root"
msgstr "Voreinstellung: root"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:564
+#: sssd.conf.5.xml:595
msgid "filter_users_in_groups (bool)"
msgstr "filter_users_in_groups (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:598
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
@@ -985,12 +1052,12 @@ msgstr ""
"setzen Sie diese Option auf »false«."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:609
msgid "fallback_homedir (string)"
msgstr "fallback_homedir (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:612
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
@@ -999,7 +1066,7 @@ msgstr ""
"es nicht explizit durch den Datenanbieter der Domain angegeben wurde."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586
+#: sssd.conf.5.xml:617
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
@@ -1007,7 +1074,7 @@ msgstr ""
"»override_homedir«."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:592
+#: sssd.conf.5.xml:623
#, no-wrap
msgid ""
"fallback_homedir = /home/%u\n"
@@ -1017,24 +1084,25 @@ msgstr ""
" "
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:590 include/override_homedir.xml:55
+#: sssd.conf.5.xml:621 sssd.conf.5.xml:978 sssd-krb5.5.xml:533
+#: include/override_homedir.xml:55
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "Beispiel: <placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596
+#: sssd.conf.5.xml:627
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
"Voreinstellung: nicht gesetzt (kein Ersetzen nicht gesetzter Home-"
"Verzeichnisse)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:633
msgid "override_shell (string)"
msgstr "override_shell (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:636
msgid ""
"Override the login shell for all users. This option supersedes any other "
"shell options if it takes effect and can be set either in the [nss] section "
@@ -1045,19 +1113,19 @@ msgstr ""
"entweder im Abschnitt [nss] oder für jede Domain gesetzt werden."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:611
+#: sssd.conf.5.xml:642
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
"Voreinstellung: nicht gesetzt (SSSD wird den von LDAP erhaltenen Wert "
"benutzen)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:617
+#: sssd.conf.5.xml:648
msgid "allowed_shells (string)"
msgstr "allowed_shells (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:620
+#: sssd.conf.5.xml:651
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
@@ -1065,12 +1133,12 @@ msgstr ""
"Reihenfolge der Auswertung ist:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:654
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr "1. Falls die Shell in »/etc/shells« vorhanden ist, wird sie benutzt."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:627
+#: sssd.conf.5.xml:658
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
@@ -1079,7 +1147,7 @@ msgstr ""
"shells« steht, wird der Wert des Parameters »shell_fallback« verwendet."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:632
+#: sssd.conf.5.xml:663
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
@@ -1088,14 +1156,14 @@ msgstr ""
"steht, wird eine Nicht-Login-Shell benutzt."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:637
+#: sssd.conf.5.xml:668
#, fuzzy
#| msgid "These options can be used to configure any service."
msgid "The wildcard (*) can be used to allow any shell."
msgstr "Diese Optionen können zur Konfiguration jedes Dienstes benutzt werden."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:640
+#: sssd.conf.5.xml:671
msgid ""
"The (*) is useful if you want to use shell_fallback in case that user's "
"shell is not in <quote>/etc/shells</quote> and maintaining list of all "
@@ -1103,13 +1171,13 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:647
+#: sssd.conf.5.xml:678
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
"Eine leere Zeichenkette als Shell wird, so wie sie ist, an Libc übergeben."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:650
+#: sssd.conf.5.xml:681
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
@@ -1118,28 +1186,28 @@ msgstr ""
"Fall einer neu installierten Shell ein Neustart von SSSD nötig ist."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:654
+#: sssd.conf.5.xml:685
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
"Voreinstellung: nicht gesetzt. Die Benutzer-Shell wird automatisch verwendet."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:659
+#: sssd.conf.5.xml:690
msgid "vetoed_shells (string)"
msgstr "vetoed_shells (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:662
+#: sssd.conf.5.xml:693
msgid "Replace any instance of these shells with the shell_fallback"
msgstr "ersetzt jedwede Instanz dieser Shells durch die aus »shell_fallback«."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:667
+#: sssd.conf.5.xml:698
msgid "shell_fallback (string)"
msgstr "shell_fallback (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:670
+#: sssd.conf.5.xml:701
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
@@ -1147,17 +1215,17 @@ msgstr ""
"auf dem Rechner installiert ist."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:705
msgid "Default: /bin/sh"
msgstr "Voreinstellung: /bin/sh"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:679
+#: sssd.conf.5.xml:710
msgid "default_shell"
msgstr "default_shell"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:682
+#: sssd.conf.5.xml:713
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option can be specified globally in the [nss] section or per-domain."
@@ -1167,7 +1235,7 @@ msgstr ""
"jede Domain gesetzt werden."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:719
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
@@ -1177,12 +1245,12 @@ msgstr ""
"Vernünftiges, üblicherweise /bin/sh, ersetzt.)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:695 sssd.conf.5.xml:881
+#: sssd.conf.5.xml:726 sssd.conf.5.xml:912
msgid "get_domains_timeout (int)"
msgstr "get_domains_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:698 sssd.conf.5.xml:884
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:915
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
@@ -1191,12 +1259,12 @@ msgstr ""
"gültig erachtet wird."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:707
+#: sssd.conf.5.xml:738
msgid "memcache_timeout (int)"
msgstr "memcache_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710
+#: sssd.conf.5.xml:741
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
@@ -1205,17 +1273,17 @@ msgstr ""
"Zwischenspeicher als gültig erachtet werden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:714 sssd-ldap.5.xml:706
+#: sssd.conf.5.xml:745 sssd-ldap.5.xml:706
msgid "Default: 300"
msgstr "Voreinstellung: 300"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:719 sssd-ifp.5.xml:74
+#: sssd.conf.5.xml:750 sssd-ifp.5.xml:74
msgid "user_attributes (string)"
msgstr "user_attributes (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:722
+#: sssd.conf.5.xml:753
msgid ""
"Some of the additional NSS responder requests can return more attributes "
"than just the POSIX ones defined by the NSS interface. The list of "
@@ -1226,14 +1294,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:735
+#: sssd.conf.5.xml:766
msgid ""
"To make configuration more easy the NSS responder will check the InfoPipe "
"option if it is not set for the NSS responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:740
+#: sssd.conf.5.xml:771
#, fuzzy
#| msgid ""
#| "Default: 0 (only the root user is allowed to access the InfoPipe "
@@ -1244,12 +1312,12 @@ msgstr ""
"zugreifen)"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:747
+#: sssd.conf.5.xml:778
msgid "PAM configuration options"
msgstr "PAM-Konfigurationsoptionen"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:749
+#: sssd.conf.5.xml:780
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
@@ -1258,12 +1326,12 @@ msgstr ""
"Authentication Module« (PAM) einzurichten."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:785
msgid "offline_credentials_expiration (integer)"
msgstr "offline_credentials_expiration (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:757
+#: sssd.conf.5.xml:788
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
@@ -1273,17 +1341,17 @@ msgstr ""
"erfolgreichen Anmeldung)?"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:762 sssd.conf.5.xml:775
+#: sssd.conf.5.xml:793 sssd.conf.5.xml:806
msgid "Default: 0 (No limit)"
msgstr "Voreinstellung: 0 (unbegrenzt)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:768
+#: sssd.conf.5.xml:799
msgid "offline_failed_login_attempts (integer)"
msgstr "offline_failed_login_attempts (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:771
+#: sssd.conf.5.xml:802
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
@@ -1292,12 +1360,12 @@ msgstr ""
"Authentifizierungsanbieter offline ist?"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:781
+#: sssd.conf.5.xml:812
msgid "offline_failed_login_delay (integer)"
msgstr "offline_failed_login_delay (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:784
+#: sssd.conf.5.xml:815
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
@@ -1307,7 +1375,7 @@ msgstr ""
"Anmeldeversuch möglich ist."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:789
+#: sssd.conf.5.xml:820
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -1319,17 +1387,17 @@ msgstr ""
"Authentifizierung reaktivieren."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:795 sssd.conf.5.xml:848
+#: sssd.conf.5.xml:826 sssd.conf.5.xml:879
msgid "Default: 5"
msgstr "Voreinstellung: 5"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:832
msgid "pam_verbosity (integer)"
msgstr "pam_verbosity (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:835
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
@@ -1338,43 +1406,43 @@ msgstr ""
"angezeigt werden. Je höher die Zahl, desto mehr Nachrichten werden angezeigt."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:809
+#: sssd.conf.5.xml:840
msgid "Currently sssd supports the following values:"
msgstr "Derzeit unterstützt SSSD folgende Werte:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:843
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr "<emphasis>0</emphasis>: keine Nachricht anzeigen"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:815
+#: sssd.conf.5.xml:846
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr "<emphasis>1</emphasis>: nur wichtige Nachrichten anzeigen"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
+#: sssd.conf.5.xml:850
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr "<emphasis>2</emphasis>: nur informative Nachrichten anzeigen"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:822
+#: sssd.conf.5.xml:853
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
"<emphasis>3</emphasis>: alle Nachrichten und Debug-Informationen anzeigen"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:826 sssd.8.xml:63
+#: sssd.conf.5.xml:857 sssd.8.xml:63
msgid "Default: 1"
msgstr "Voreinstellung: 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:831
+#: sssd.conf.5.xml:862
msgid "pam_id_timeout (integer)"
msgstr "pam_id_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:865
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1386,7 +1454,7 @@ msgstr ""
"den neusten Informationen erfolgt."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:840
+#: sssd.conf.5.xml:871
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1400,17 +1468,17 @@ msgstr ""
"viele Abfragen der Identitätsanbieter zu vermeiden."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:854
+#: sssd.conf.5.xml:885
msgid "pam_pwd_expiration_warning (integer)"
msgstr "pam_pwd_expiration_warning (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:857 sssd.conf.5.xml:1390
+#: sssd.conf.5.xml:888 sssd.conf.5.xml:1442
msgid "Display a warning N days before the password expires."
msgstr "zeigt N Tage vor Ablauf des Passworts eine Warnung an."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:860
+#: sssd.conf.5.xml:891
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1421,7 +1489,7 @@ msgstr ""
"SSSD keine Warnung anzeigen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:866 sssd.conf.5.xml:1393
+#: sssd.conf.5.xml:897 sssd.conf.5.xml:1445
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
@@ -1431,7 +1499,7 @@ msgstr ""
"automatisch angezeigt."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:871
+#: sssd.conf.5.xml:902
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
@@ -1440,17 +1508,17 @@ msgstr ""
"emphasis> für eine bestimmte Domain außer Kraft gesetzt werden."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876 sssd.8.xml:79
+#: sssd.conf.5.xml:907 sssd.8.xml:79
msgid "Default: 0"
msgstr "Voreinstellung: 0"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:893
+#: sssd.conf.5.xml:924
msgid "pam_trusted_users (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:896
+#: sssd.conf.5.xml:927
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAM responder. User names are resolved to UIDs at "
@@ -1458,59 +1526,77 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:902
+#: sssd.conf.5.xml:933
msgid "Default: all (All users are allowed to access the PAM responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:906
+#: sssd.conf.5.xml:937
msgid ""
"Please note that UID 0 is always allowed to access the PAM responder even in "
"case it is not in the pam_trusted_users list."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:913
+#: sssd.conf.5.xml:944
msgid "pam_public_domains (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:947
msgid ""
"Specifies the comma-separated list of domain names that are accessible even "
"to untrusted users."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:920
+#: sssd.conf.5.xml:951
msgid "Two special values for pam_public_domains option are defined:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:955
msgid ""
"all (Untrusted users are allowed to access all domains in PAM responder.)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:959
msgid ""
"none (Untrusted users are not allowed to access any domains PAM in "
"responder.)"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:932 sssd.conf.5.xml:1192 sssd-ldap.5.xml:1753
-msgid "Default: none"
-msgstr "Voreinstellung: none"
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:968
+#, fuzzy
+#| msgid "ldap_user_ad_account_expires (string)"
+msgid "pam_account_expired_message (string)"
+msgstr "ldap_user_ad_account_expires (Zeichenkette)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:971
+msgid ""
+"If user is authenticating using SSH keys and account is expired then by "
+"default 'Permission denied' is output. This output will be changed to "
+"content of this variable if it is set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:980
+#, no-wrap
+msgid ""
+"pam_account_expired_message = Account expired, please call help desk.\n"
+" "
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:941
+#: sssd.conf.5.xml:993
msgid "SUDO configuration options"
msgstr "Sudo-Konfigurationsoptionen"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:943
+#: sssd.conf.5.xml:995
msgid ""
"These options can be used to configure the sudo service. The detailed "
"instructions for configuration of <citerefentry> <refentrytitle>sudo</"
@@ -1528,12 +1614,12 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:1012
msgid "sudo_timed (bool)"
msgstr "sudo_timed (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:1015
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
@@ -1543,23 +1629,23 @@ msgstr ""
"nicht."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1028
msgid "AUTOFS configuration options"
msgstr "AUTOFS-Konfigurationsoptionen"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:978
+#: sssd.conf.5.xml:1030
msgid "These options can be used to configure the autofs service."
msgstr ""
"Diese Optionen können zum Konfigurieren des Dienstes »autofs« benutzt werden."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1034
msgid "autofs_negative_timeout (integer)"
msgstr "autofs_negative_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:985
+#: sssd.conf.5.xml:1037
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1570,23 +1656,23 @@ msgstr ""
"nicht existierende), bevor das Backend erneut befragt wird."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1001
+#: sssd.conf.5.xml:1053
msgid "SSH configuration options"
msgstr "SSH-Konfigurationsoptionen"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1003
+#: sssd.conf.5.xml:1055
msgid "These options can be used to configure the SSH service."
msgstr ""
"Diese Optionen können zum Konfigurieren des SSH-Dienstes benutzt werden."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1007
+#: sssd.conf.5.xml:1059
msgid "ssh_hash_known_hosts (bool)"
msgstr "ssh_hash_known_hosts (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1010
+#: sssd.conf.5.xml:1062
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
@@ -1595,12 +1681,12 @@ msgstr ""
"»known_hosts« zusammengemischt werden oder nicht."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1019
+#: sssd.conf.5.xml:1071
msgid "ssh_known_hosts_timeout (integer)"
msgstr "ssh_known_hosts_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1022
+#: sssd.conf.5.xml:1074
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
@@ -1609,17 +1695,17 @@ msgstr ""
"»known_hosts« behalten wird, bevor seine Rechnerschlüssel abgefragt werden."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1026
+#: sssd.conf.5.xml:1078
msgid "Default: 180"
msgstr "Voreinstellung: 180"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1086
msgid "PAC responder configuration options"
msgstr "PAC-Responder-Konfigurationsoptionen"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1036
+#: sssd.conf.5.xml:1088
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1638,7 +1724,7 @@ msgstr ""
"ausgewertet wurde, werden einige der folgenden Transaktionen durchgeführt:"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1045
+#: sssd.conf.5.xml:1097
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"determined with the help of the SID, trusted domains will have UPGs and the "
@@ -1656,7 +1742,7 @@ msgstr ""
"werden."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1053
+#: sssd.conf.5.xml:1105
msgid ""
"If there are SIDs of groups from domains sssd knows about, the user will be "
"added to those groups."
@@ -1665,18 +1751,18 @@ msgstr ""
"diesen Gruppen hinzugefügt."
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1111
msgid "These options can be used to configure the PAC responder."
msgstr ""
"Diese Optionen können zur Konfiguration des PAC-Responders verwendet werden."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1063 sssd-ifp.5.xml:50
+#: sssd.conf.5.xml:1115 sssd-ifp.5.xml:50
msgid "allowed_uids (string)"
msgstr "allowed_uids (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1066
+#: sssd.conf.5.xml:1118
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1687,14 +1773,14 @@ msgstr ""
"beim Starten zu UIDs aufgelöst."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1072
+#: sssd.conf.5.xml:1124
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
"Voreinstellung: 0 (Nur dem Benutzer Root ist der Zugriff auf den PAC-"
"Responder gestattet.)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1076
+#: sssd.conf.5.xml:1128
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1707,17 +1793,17 @@ msgstr ""
"der Liste der erlaubten UIDs auch die 0 hinzufügen."
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1142
msgid "DOMAIN SECTIONS"
msgstr "DOMAIN-ABSCHNITTE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1149
msgid "min_id,max_id (integer)"
msgstr "min_id,max_id (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1100
+#: sssd.conf.5.xml:1152
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
@@ -1726,7 +1812,7 @@ msgstr ""
"enthält, der jenseits dieser Beschränkungen liegt, wird er ignoriert."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:1157
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1739,7 +1825,7 @@ msgstr ""
"werden jene, die im Bereich liegen, wie erwartet gemeldet."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1112
+#: sssd.conf.5.xml:1164
msgid ""
"These ID limits affect even saving entries to cache, not only returning them "
"by name or ID."
@@ -1748,17 +1834,17 @@ msgstr ""
"den Zwischenspeicher und nicht nur ihre Rückgabe über Name oder ID."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1116
+#: sssd.conf.5.xml:1168
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr "Voreinstellung: 1 für »min_id«, 0 (keine Beschränkung) für »max_id«"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1122
+#: sssd.conf.5.xml:1174
msgid "enumerate (bool)"
msgstr "enumerate (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1125
+#: sssd.conf.5.xml:1177
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
@@ -1767,23 +1853,23 @@ msgstr ""
"der folgenden Werte haben:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1181
msgid "TRUE = Users and groups are enumerated"
msgstr "TRUE = Benutzer und Gruppen werden aufgezählt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1132
+#: sssd.conf.5.xml:1184
msgid "FALSE = No enumerations for this domain"
msgstr "FALSE = keine Aufzählungen für diese Domain"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1135 sssd.conf.5.xml:1367 sssd.conf.5.xml:1476
-#: sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1187 sssd.conf.5.xml:1419 sssd.conf.5.xml:1528
+#: sssd.conf.5.xml:1545
msgid "Default: FALSE"
msgstr "Voreinstellung: FALSE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138
+#: sssd.conf.5.xml:1190
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1803,7 +1889,7 @@ msgstr ""
"die Mitgliedschaften neu berechnet werden müssen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1151
+#: sssd.conf.5.xml:1203
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
@@ -1813,7 +1899,7 @@ msgstr ""
"Ergebnisse zurück."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1156
+#: sssd.conf.5.xml:1208
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1828,7 +1914,7 @@ msgstr ""
"benutzten »id_provider«."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1164
+#: sssd.conf.5.xml:1216
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
@@ -1837,32 +1923,32 @@ msgstr ""
"insbesondere in großen Umgebungen, nicht empfohlen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1172
+#: sssd.conf.5.xml:1224
msgid "subdomain_enumerate (string)"
msgstr "subdomain_enumerate (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1179
+#: sssd.conf.5.xml:1231
msgid "all"
msgstr "all"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1180
+#: sssd.conf.5.xml:1232
msgid "All discovered trusted domains will be enumerated"
msgstr "Alle entdeckten vertrauenswürdigen Domains werden aufgezählt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1183
+#: sssd.conf.5.xml:1235
msgid "none"
msgstr "none"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:1236
msgid "No discovered trusted domains will be enumerated"
msgstr "Keine der entdeckten vertrauenswürdigen Domains wird aufgezählt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1175
+#: sssd.conf.5.xml:1227
msgid ""
"Whether any of autodetected trusted domains should be enumerated. The "
"supported values are: <placeholder type=\"variablelist\" id=\"0\"/> "
@@ -1876,12 +1962,12 @@ msgstr ""
"Domains aktivieren."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1215
+#: sssd.conf.5.xml:1267
msgid "entry_cache_timeout (integer)"
msgstr "entry_cache_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1218
+#: sssd.conf.5.xml:1270
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
@@ -1890,7 +1976,7 @@ msgstr ""
"soll, bevor das Backend erneut abgefragt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1222
+#: sssd.conf.5.xml:1274
msgid ""
"The cache expiration timestamps are stored as attributes of individual "
"objects in the cache. Therefore, changing the cache timeout only has effect "
@@ -1908,17 +1994,17 @@ msgstr ""
"wurden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1235
+#: sssd.conf.5.xml:1287
msgid "Default: 5400"
msgstr "Voreinstellung: 5400"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1241
+#: sssd.conf.5.xml:1293
msgid "entry_cache_user_timeout (integer)"
msgstr "entry_cache_user_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1244
+#: sssd.conf.5.xml:1296
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
@@ -1927,19 +2013,19 @@ msgstr ""
"betrachten soll, bevor das Backend erneut abgefragt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248 sssd.conf.5.xml:1261 sssd.conf.5.xml:1274
-#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1300 sssd.conf.5.xml:1314
-#: sssd.conf.5.xml:1328
+#: sssd.conf.5.xml:1300 sssd.conf.5.xml:1313 sssd.conf.5.xml:1326
+#: sssd.conf.5.xml:1339 sssd.conf.5.xml:1352 sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1380
msgid "Default: entry_cache_timeout"
msgstr "Voreinstellung: entry_cache_timeout"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1306
msgid "entry_cache_group_timeout (integer)"
msgstr "entry_cache_group_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1257
+#: sssd.conf.5.xml:1309
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
@@ -1948,12 +2034,12 @@ msgstr ""
"betrachten soll, bevor das Backend erneut abgefragt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1267
+#: sssd.conf.5.xml:1319
msgid "entry_cache_netgroup_timeout (integer)"
msgstr "entry_cache_netgroup_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1270
+#: sssd.conf.5.xml:1322
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
@@ -1962,12 +2048,12 @@ msgstr ""
"betrachten soll, bevor das Backend erneut abgefragt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1280
+#: sssd.conf.5.xml:1332
msgid "entry_cache_service_timeout (integer)"
msgstr "entry_cache_service_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1335
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
@@ -1976,12 +2062,12 @@ msgstr ""
"betrachten soll, bevor das Backend erneut abgefragt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1345
msgid "entry_cache_sudo_timeout (integer)"
msgstr "entry_cache_sudo_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1348
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
@@ -1990,12 +2076,12 @@ msgstr ""
"bevor das Backend erneut abgefragt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1358
msgid "entry_cache_autofs_timeout (integer)"
msgstr "entry_cache_autofs_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1309
+#: sssd.conf.5.xml:1361
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
@@ -2005,24 +2091,24 @@ msgstr ""
"wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1320
+#: sssd.conf.5.xml:1372
msgid "entry_cache_ssh_host_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1375
msgid ""
"How many seconds to keep a host ssh key after refresh. IE how long to cache "
"the host key for."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1334
+#: sssd.conf.5.xml:1386
msgid "refresh_expired_interval (integer)"
msgstr "refresh_expired_interval (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1337
+#: sssd.conf.5.xml:1389
msgid ""
"Specifies how many seconds SSSD has to wait before triggering a background "
"refresh task which will refresh all expired or nearly expired records."
@@ -2032,50 +2118,49 @@ msgstr ""
"abgelaufenen oder beinahe abgelaufenen Daten aktualisiert werden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1342
-msgid "Currently only refreshing expired netgroups is supported."
+#: sssd.conf.5.xml:1394
+msgid ""
+"The background refresh will process users, groups and netgroups in the cache."
msgstr ""
-"Derzeit wird lediglich die Aktualisierung abgelaufener Netzgruppen "
-"unterstützt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1398
msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
msgstr ""
"Sie können in Betracht ziehen, diesen Wert auf 3/4 * entry_cache_timeout zu "
"setzen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350 sssd-ipa.5.xml:224
+#: sssd.conf.5.xml:1402 sssd-ipa.5.xml:224
msgid "Default: 0 (disabled)"
msgstr "Voreinstellung: 0 (deaktiviert)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1356
+#: sssd.conf.5.xml:1408
msgid "cache_credentials (bool)"
msgstr "cache_credentials (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1411
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
"bestimmt, ob auch Benutzerberechtigungen im lokalen LDB-Zwischenspeicher "
"zwischengespeichert werden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1363
+#: sssd.conf.5.xml:1415
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
"Benutzerberechtigungen werden in einem SHA512-Hash, nicht im Klartext "
"gespeichert."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1372
+#: sssd.conf.5.xml:1424
msgid "account_cache_expiration (integer)"
msgstr "account_cache_expiration (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1427
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -2088,17 +2173,17 @@ msgstr ""
"Parameters muss größer oder gleich »offline_credentials_expiration« sein."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1382
+#: sssd.conf.5.xml:1434
msgid "Default: 0 (unlimited)"
msgstr "Voreinstellung: 0 (unbegrenzt)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1387
+#: sssd.conf.5.xml:1439
msgid "pwd_expiration_warning (integer)"
msgstr "pwd_expiration_warning (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1398
+#: sssd.conf.5.xml:1450
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -2111,17 +2196,17 @@ msgstr ""
"Authentifizierungsanbieter konfiguriert werden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1405
+#: sssd.conf.5.xml:1457
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr "Voreinstellung: 7 (Kerberos), 0 (LDAP)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1411
+#: sssd.conf.5.xml:1463
msgid "id_provider (string)"
msgstr "id_provider (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1414
+#: sssd.conf.5.xml:1466
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
@@ -2129,17 +2214,17 @@ msgstr ""
"werden unterstützt:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1418
+#: sssd.conf.5.xml:1470
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr "»proxy«: unterstützt einen veralteten NSS-Anbieter."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1421 sssd.conf.5.xml:1539
+#: sssd.conf.5.xml:1473 sssd.conf.5.xml:1591
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr "»local«: SSSDs interner Anbieter für lokale Benutzer"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1425
+#: sssd.conf.5.xml:1477
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -2150,8 +2235,8 @@ msgstr ""
"<manvolnum>5</manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433 sssd.conf.5.xml:1519 sssd.conf.5.xml:1574
-#: sssd.conf.5.xml:1627
+#: sssd.conf.5.xml:1485 sssd.conf.5.xml:1571 sssd.conf.5.xml:1626
+#: sssd.conf.5.xml:1679
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -2164,8 +2249,8 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1442 sssd.conf.5.xml:1528 sssd.conf.5.xml:1583
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1494 sssd.conf.5.xml:1580 sssd.conf.5.xml:1635
+#: sssd.conf.5.xml:1688
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2177,12 +2262,12 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1505
msgid "use_fully_qualified_names (bool)"
msgstr "use_fully_qualified_names (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1508
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
@@ -2192,7 +2277,7 @@ msgstr ""
"Benutzers, der an NSS gemeldet wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1461
+#: sssd.conf.5.xml:1513
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -2206,7 +2291,7 @@ msgstr ""
"test@LOCAL</command> würde ihn hingegen finden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1521
msgid ""
"NOTE: This option has no effect on netgroup lookups due to their tendency to "
"include nested netgroups without qualified names. For netgroups, all domains "
@@ -2218,17 +2303,17 @@ msgstr ""
"nicht voll qualifizierter Name angefragt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1533
msgid "ignore_group_members (bool)"
msgstr "ignore_group_members (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1536
msgid "Do not return group members for group lookups."
msgstr "gibt beim Nachschlagen der Gruppe nicht die Gruppenmitglieder zurück."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1487
+#: sssd.conf.5.xml:1539
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -2239,12 +2324,12 @@ msgstr ""
"verarbeitet werden, werden die Gruppenmitglieder nicht zurückgegeben."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1550
msgid "auth_provider (string)"
msgstr "auth_provider (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1501
+#: sssd.conf.5.xml:1553
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
@@ -2253,7 +2338,7 @@ msgstr ""
"Authentifizierungsanbieter werden unterstützt:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505 sssd.conf.5.xml:1567
+#: sssd.conf.5.xml:1557 sssd.conf.5.xml:1619
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2264,7 +2349,7 @@ msgstr ""
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1512
+#: sssd.conf.5.xml:1564
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2276,19 +2361,19 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1588
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
"»proxy« zur Weitergabe der Authentifizierung an irgendein anderes PAM-Ziel"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1595
msgid "<quote>none</quote> disables authentication explicitly."
msgstr "»none« deaktiviert explizit die Authentifizierung."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1546
+#: sssd.conf.5.xml:1598
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
@@ -2297,12 +2382,12 @@ msgstr ""
"mit Authentifizierungsanfragen umgehen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1604
msgid "access_provider (string)"
msgstr "access_provider (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1607
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -2313,7 +2398,7 @@ msgstr ""
"Backends enthalten sind). Interne Spezialanbieter sind:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1613
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
@@ -2322,12 +2407,12 @@ msgstr ""
"für eine lokale Domain."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1616
msgid "<quote>deny</quote> always deny access."
msgstr "»deny« verweigert dem Zugriff immer."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1591
+#: sssd.conf.5.xml:1643
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -2340,17 +2425,17 @@ msgstr ""
"simple</refentrytitle> <manvolnum>5</manvolnum></citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1650
msgid "Default: <quote>permit</quote>"
msgstr "Voreinstellung: »permit«"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1603
+#: sssd.conf.5.xml:1655
msgid "chpass_provider (string)"
msgstr "chpass_provider (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1606
+#: sssd.conf.5.xml:1658
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
@@ -2359,7 +2444,7 @@ msgstr ""
"Folgende Anbieter von Passwortänderungen werden unterstützt:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1611
+#: sssd.conf.5.xml:1663
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -2371,7 +2456,7 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1671
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2383,19 +2468,19 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1696
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
"»proxy« zur Weitergabe der Passwortänderung an irgendein anderes PAM-Ziel"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1700
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr "»none« verbietet explizit Passwortänderungen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1651
+#: sssd.conf.5.xml:1703
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
@@ -2404,19 +2489,19 @@ msgstr ""
"kann mit Passwortänderungsanfragen umgehen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1710
msgid "sudo_provider (string)"
msgstr "sudo_provider (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1661
+#: sssd.conf.5.xml:1713
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
"der für diese Domain benutzte Sudo-Anbieter. Folgende Sudo-Anbieter werden "
"unterstützt:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1665
+#: sssd.conf.5.xml:1717
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2427,7 +2512,7 @@ msgstr ""
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1725
msgid ""
"<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default "
"settings."
@@ -2436,7 +2521,7 @@ msgstr ""
"Vorgabeeinstellungen für IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1729
msgid ""
"<quote>ad</quote> the same as <quote>ldap</quote> but with AD default "
"settings."
@@ -2445,19 +2530,19 @@ msgstr ""
"Vorgabeeinstellungen für AD."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1681
+#: sssd.conf.5.xml:1733
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr "»none« deaktiviert explizit Sudo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1684 sssd.conf.5.xml:1762 sssd.conf.5.xml:1794
-#: sssd.conf.5.xml:1819
+#: sssd.conf.5.xml:1736 sssd.conf.5.xml:1814 sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1871
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
"Voreinstellung: Falls gesetzt, wird der Wert von »id_provider« benutzt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1688
+#: sssd.conf.5.xml:1740
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -2474,12 +2559,12 @@ msgstr ""
"<manvolnum>5</manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1757
msgid "selinux_provider (string)"
msgstr "selinux_provider (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1760
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -2490,7 +2575,7 @@ msgstr ""
"Zugriffsanbieter beendet hat. Folgende SELinux-Anbieter werden unterstützt:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1714
+#: sssd.conf.5.xml:1766
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2502,12 +2587,12 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1722
+#: sssd.conf.5.xml:1774
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr "»none« verbietet explizit das Abholen von SELinux-Einstellungen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1725
+#: sssd.conf.5.xml:1777
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
@@ -2516,12 +2601,12 @@ msgstr ""
"kann SELinux-Ladeanfragen handhaben."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1731
+#: sssd.conf.5.xml:1783
msgid "subdomains_provider (string)"
msgstr "subdomains_provider (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1734
+#: sssd.conf.5.xml:1786
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
@@ -2531,7 +2616,7 @@ msgstr ""
"werden unterstützt:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740
+#: sssd.conf.5.xml:1792
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2543,7 +2628,7 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1749
+#: sssd.conf.5.xml:1801
msgid ""
"<quote>ad</quote> to load a list of subdomains from an Active Directory "
"server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> "
@@ -2552,17 +2637,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1810
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr "»none« deaktiviert explizit das Abholen von Subdomains."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1769
+#: sssd.conf.5.xml:1821
msgid "autofs_provider (string)"
msgstr "autofs_provider (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1772
+#: sssd.conf.5.xml:1824
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
@@ -2570,7 +2655,7 @@ msgstr ""
"»autofs« werden unterstützt:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1828
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2582,7 +2667,7 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1783
+#: sssd.conf.5.xml:1835
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2594,17 +2679,17 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1843
msgid "<quote>none</quote> disables autofs explicitly."
msgstr "»none« deaktiviert explizit »autofs«."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1853
msgid "hostid_provider (string)"
msgstr "hostid_provider (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1804
+#: sssd.conf.5.xml:1856
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
@@ -2613,7 +2698,7 @@ msgstr ""
"wird. Folgende Anbieter von »hostid« werden unterstützt:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1808
+#: sssd.conf.5.xml:1860
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2625,12 +2710,12 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1816
+#: sssd.conf.5.xml:1868
msgid "<quote>none</quote> disables hostid explicitly."
msgstr "»none« deaktiviert explizit »hostid«."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1829
+#: sssd.conf.5.xml:1881
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components. The \"domain\" can "
@@ -2645,7 +2730,7 @@ msgstr ""
"(NetBIOS-) Namen der Domain entsprechen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1838
+#: sssd.conf.5.xml:1890
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -2657,22 +2742,22 @@ msgstr ""
"P&lt;Name&gt;[^@\\\\]+)$))« "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1843
+#: sssd.conf.5.xml:1895
msgid "username"
msgstr "Benutzername"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1898
msgid "username@domain.name"
msgstr "Benutzername@Domain.Name"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1849
+#: sssd.conf.5.xml:1901
msgid "domain\\username"
msgstr "Domain\\Benutzername"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1852
+#: sssd.conf.5.xml:1904
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
@@ -2682,7 +2767,7 @@ msgstr ""
"Windows-Domains zu ermöglichen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1857
+#: sssd.conf.5.xml:1909
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -2692,7 +2777,7 @@ msgstr ""
"bedeutet »der Name ist alles bis zum »@«-Zeichen, die Domain alles danach«"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1863
+#: sssd.conf.5.xml:1915
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -2704,7 +2789,7 @@ msgstr ""
"eindeutig benannte Musterteile unterstützen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1870
+#: sssd.conf.5.xml:1922
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
@@ -2713,17 +2798,17 @@ msgstr ""
"Beschriftungsmusterteile nur die Python-Syntax (?P&lt;Name&gt;)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1917
+#: sssd.conf.5.xml:1969
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "Voreinstellung: »%1$s@%2$s«"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1923
+#: sssd.conf.5.xml:1975
msgid "lookup_family_order (string)"
msgstr "lookup_family_order (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1926
+#: sssd.conf.5.xml:1978
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
@@ -2731,46 +2816,46 @@ msgstr ""
"ermöglicht es, die bei DNS-Abfragen zu bevorzugende Adressfamilie zu wählen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1930
+#: sssd.conf.5.xml:1982
msgid "Supported values:"
msgstr "unterstützte Werte:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1933
+#: sssd.conf.5.xml:1985
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
"ipv4_first: versucht die IPv4- und, falls dies fehlschlägt, die IPv6-Adresse "
"nachzuschlagen"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1936
+#: sssd.conf.5.xml:1988
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr "ipv4_only: versucht, nur Rechnernamen zu IPv4-Adressen aufzulösen"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1939
+#: sssd.conf.5.xml:1991
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
"ipv6_first: versucht die IPv6- und, falls dies fehlschlägt, die IPv4-Adresse "
"nachzuschlagen"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1942
+#: sssd.conf.5.xml:1994
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr "ipv6_only: versucht, nur Rechnernamen zu IPv6-Adressen aufzulösen"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1945
+#: sssd.conf.5.xml:1997
msgid "Default: ipv4_first"
msgstr "Voreinstellung: ipv4_first"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1951
+#: sssd.conf.5.xml:2003
msgid "dns_resolver_timeout (integer)"
msgstr "dns_resolver_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1954
+#: sssd.conf.5.xml:2006
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -2782,18 +2867,18 @@ msgstr ""
"Offline-Modus arbeiten."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1960 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
-#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:239
+#: sssd.conf.5.xml:2012 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
+#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:248
msgid "Default: 6"
msgstr "Voreinstellung: 6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1966
+#: sssd.conf.5.xml:2018
msgid "dns_discovery_domain (string)"
msgstr "dns_discovery_domain (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1969
+#: sssd.conf.5.xml:2021
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
@@ -2802,52 +2887,52 @@ msgstr ""
"DNS-Dienstabfrage an."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1973
+#: sssd.conf.5.xml:2025
msgid "Default: Use the domain part of machine's hostname"
msgstr "Voreinstellung: Der Domain-Teil des Rechnernamens wird benutzt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1979
+#: sssd.conf.5.xml:2031
msgid "override_gid (integer)"
msgstr "override_gid (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1982
+#: sssd.conf.5.xml:2034
msgid "Override the primary GID value with the one specified."
msgstr "überschreibt die Haupt-GID mit der angegebenen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1988
+#: sssd.conf.5.xml:2040
msgid "case_sensitive (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1996
+#: sssd.conf.5.xml:2048
msgid "True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1999
+#: sssd.conf.5.xml:2051
msgid "Case sensitive. This value is invalid for AD provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2005
+#: sssd.conf.5.xml:2057
msgid "False"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2007
+#: sssd.conf.5.xml:2059
msgid "Case insensitive."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2011
+#: sssd.conf.5.xml:2063
msgid "Preserving"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2014
+#: sssd.conf.5.xml:2066
msgid ""
"Same as False (case insensitive), but does not lowercase names in the result "
"of NSS operations. Note that name aliases (and in case of services also "
@@ -2855,7 +2940,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1991
+#: sssd.conf.5.xml:2043
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider. Possible option values are: "
@@ -2863,17 +2948,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2026
+#: sssd.conf.5.xml:2078
msgid "Default: True (False for AD provider)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2032
+#: sssd.conf.5.xml:2084
msgid "proxy_fast_alias (boolean)"
msgstr "proxy_fast_alias (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2035
+#: sssd.conf.5.xml:2087
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2887,22 +2972,22 @@ msgstr ""
"veranlassen, die ID im Zwischenspeicher nachzuschlagen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2049
+#: sssd.conf.5.xml:2101
msgid "subdomain_homedir (string)"
msgstr "subdomain_homedir (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2060
+#: sssd.conf.5.xml:2112
msgid "%F"
msgstr "%F"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2061
+#: sssd.conf.5.xml:2113
msgid "flat (NetBIOS) name of a subdomain."
msgstr "flacher (NetBIOS-) Name einer Subdomain"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2052
+#: sssd.conf.5.xml:2104
msgid ""
"Use this homedir as default value for all subdomains within this domain in "
"IPA AD trust. See <emphasis>override_homedir</emphasis> for info about "
@@ -2917,7 +3002,7 @@ msgstr ""
"verwendet werden. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2066
+#: sssd.conf.5.xml:2118
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
@@ -2925,17 +3010,17 @@ msgstr ""
"überschrieben werden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2070
+#: sssd.conf.5.xml:2122
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr "Voreinstellung: <filename>/home/%d/%u</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2075
+#: sssd.conf.5.xml:2127
msgid "realmd_tags (string)"
msgstr "realmd_tags (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2078
+#: sssd.conf.5.xml:2130
msgid ""
"Various tags stored by the realmd configuration service for this domain."
msgstr ""
@@ -2943,7 +3028,7 @@ msgstr ""
"Kennzeichnungen"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1092
+#: sssd.conf.5.xml:1144
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2955,17 +3040,17 @@ msgstr ""
"\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2091
+#: sssd.conf.5.xml:2143
msgid "proxy_pam_target (string)"
msgstr "proxy_pam_target (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2094
+#: sssd.conf.5.xml:2146
msgid "The proxy target PAM proxies to."
msgstr "das Proxy-Ziel, an das PAM weiterleitet"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2097
+#: sssd.conf.5.xml:2149
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
@@ -2975,12 +3060,12 @@ msgstr ""
"hinzufügen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2105
+#: sssd.conf.5.xml:2157
msgid "proxy_lib_name (string)"
msgstr "proxy_lib_name (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2108
+#: sssd.conf.5.xml:2160
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2991,7 +3076,7 @@ msgstr ""
"$(libName)_$(function)«, zum Beispiel »_nss_files_getpwent«."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2087
+#: sssd.conf.5.xml:2139
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
@@ -3000,12 +3085,12 @@ msgstr ""
"\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:2120
+#: sssd.conf.5.xml:2172
msgid "The local domain section"
msgstr "Der Abschnitt lokale Domain"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:2122
+#: sssd.conf.5.xml:2174
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -3016,29 +3101,29 @@ msgstr ""
"<replaceable>ID_Anbieter=lokal</replaceable> benutzt."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2129
+#: sssd.conf.5.xml:2181
msgid "default_shell (string)"
msgstr "default_shell (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2132
+#: sssd.conf.5.xml:2184
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
"die Standard-Shell für Anwender, die mit den SSSD-Werkzeugen für den "
"Benutzerbereich erstellt wurde."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2136
+#: sssd.conf.5.xml:2188
msgid "Default: <filename>/bin/bash</filename>"
msgstr "Voreinstellung: <filename>/bin/bash</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2141
+#: sssd.conf.5.xml:2193
msgid "base_directory (string)"
msgstr "base_directory (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2144
+#: sssd.conf.5.xml:2196
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
@@ -3047,17 +3132,17 @@ msgstr ""
"replaceable> und benutzen dies als Home-Verzeichnis."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2149
+#: sssd.conf.5.xml:2201
msgid "Default: <filename>/home</filename>"
msgstr "Voreinstellung: <filename>/home</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2154
+#: sssd.conf.5.xml:2206
msgid "create_homedir (bool)"
msgstr "create_homedir (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2157
+#: sssd.conf.5.xml:2209
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
@@ -3066,17 +3151,17 @@ msgstr ""
"werden soll; kann auf der Befehlszeile überschrieben werden"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2173
+#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2225
msgid "Default: TRUE"
msgstr "Voreinstellung: TRUE"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2166
+#: sssd.conf.5.xml:2218
msgid "remove_homedir (bool)"
msgstr "remove_homedir (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2169
+#: sssd.conf.5.xml:2221
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
@@ -3085,12 +3170,12 @@ msgstr ""
"entfernt werden soll; kann auf der Befehlszeile überschrieben werden"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2178
+#: sssd.conf.5.xml:2230
msgid "homedir_umask (integer)"
msgstr "homedir_umask (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2181
+#: sssd.conf.5.xml:2233
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -3101,17 +3186,17 @@ msgstr ""
"Standardzugriffsrechte für ein neu erstelltes Home-Verzeichnis anzugeben."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2189
+#: sssd.conf.5.xml:2241
msgid "Default: 077"
msgstr "Voreinstellung: 077"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2194
+#: sssd.conf.5.xml:2246
msgid "skel_dir (string)"
msgstr "skel_dir (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2197
+#: sssd.conf.5.xml:2249
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -3124,17 +3209,17 @@ msgstr ""
"<manvolnum>8</manvolnum> </citerefentry> erstellt wird"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2207
+#: sssd.conf.5.xml:2259
msgid "Default: <filename>/etc/skel</filename>"
msgstr "Voreinstellung: <filename>/etc/skel</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2212
+#: sssd.conf.5.xml:2264
msgid "mail_dir (string)"
msgstr "mail_dir (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2215
+#: sssd.conf.5.xml:2267
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -3145,17 +3230,17 @@ msgstr ""
"wurde. Ist dies nicht angegeben wird ein Standardwert verwendet."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2222
+#: sssd.conf.5.xml:2274
msgid "Default: <filename>/var/mail</filename>"
msgstr "Voreinstellung: <filename>/var/mail</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2227
+#: sssd.conf.5.xml:2279
msgid "userdel_cmd (string)"
msgstr "userdel_cmd (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2230
+#: sssd.conf.5.xml:2282
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -3167,19 +3252,19 @@ msgstr ""
"berücksichtigt."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2236
+#: sssd.conf.5.xml:2288
msgid "Default: None, no command is run"
msgstr "Voreinstellung: keine, es wird kein Befehl ausgeführt"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:2246 sssd-ldap.5.xml:2518 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:519
+#: sssd.conf.5.xml:2298 sssd-ldap.5.xml:2569 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:564
#: sss_rpcidmapd.5.xml:98
msgid "EXAMPLE"
msgstr "BEISPIEL"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:2252
+#: sssd.conf.5.xml:2304
#, no-wrap
msgid ""
"[sssd]\n"
@@ -3233,7 +3318,7 @@ msgstr ""
"enumerate = False\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2248
+#: sssd.conf.5.xml:2300
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -4231,7 +4316,7 @@ msgstr "das LDAP-Attribut, das dem vollständigen Benutzernamen entspricht"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:738 sssd-ldap.5.xml:831 sssd-ldap.5.xml:1058
-#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2102 sssd-ldap.5.xml:2441
+#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2153 sssd-ldap.5.xml:2492
#: sssd-ipa.5.xml:591
msgid "Default: cn"
msgstr "Voreinstellung: cn"
@@ -4574,11 +4659,6 @@ msgstr ""
"Aktionen beschleunigt (vor allem, beim Umgang mit komplexen oder "
"verschachtelten Gruppen)."
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1017
-msgid "ldap_use_tokengroups"
-msgstr "ldap_use_tokengroups"
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1020
msgid ""
@@ -4851,7 +4931,7 @@ msgstr ""
"Lebensdauer) verwendet."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2259
+#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2310
msgid "Default: 900 (15 minutes)"
msgstr "Voreinstellung: 900 (15 Minuten)"
@@ -5421,7 +5501,7 @@ msgstr ""
"filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:453
+#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:462
msgid "krb5_canonicalize (boolean)"
msgstr "krb5_canonicalize (Boolesch)"
@@ -5436,12 +5516,12 @@ msgstr ""
"Kerberos >= 1.7 verfügbar."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:468
+#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:477
msgid "krb5_use_kdcinfo (boolean)"
msgstr "krb5_use_kdcinfo (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:471
+#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:480
msgid ""
"Specifies if the SSSD should instruct the Kerberos libraries what realm and "
"which KDCs to use. This option is on by default, if you disable it, you need "
@@ -5457,7 +5537,7 @@ msgstr ""
"manvolnum> </citerefentry> einrichten."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:482
+#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:491
msgid ""
"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
@@ -5799,11 +5879,64 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1958
+msgid ""
+"<emphasis> Please note that this option is superseded by the <quote>ppolicy</"
+"quote> option and might be removed in a future release. </emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1965
+msgid ""
+"<emphasis>ppolicy</emphasis>: use account locking. If set, this option "
+"denies access in case that ldap attribute 'pwdAccountLockedTime' is present "
+"and has value of '000001010000Z' or represents any time in the past. The "
+"value of the 'pwdAccountLockedTime' attribute must end with 'Z', which "
+"denotes the UTC time zone. Other time zones are not currently supported and "
+"will result in \"access-denied\" when users attempt to log in. Please see "
+"the option ldap_pwdlockout_dn. Please note that 'access_provider = ldap' "
+"must be set for this feature to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1982
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr "<emphasis>expire</emphasis>: verwendet »ldap_account_expire_policy«."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1962
+#: sssd-ldap.5.xml:1986
+msgid ""
+"<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, "
+"pwd_expire_policy_renew: </emphasis> These options are useful if users are "
+"interested in being warned that password is about to expire and "
+"authentication is based on using a different method than passwords - for "
+"example SSH keys."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1996
+msgid ""
+"The difference between these options is the action taken if user password is "
+"expired: pwd_expire_policy_reject - user is denied to log in, "
+"pwd_expire_policy_warn - user is still able to log in, "
+"pwd_expire_policy_renew - user is prompted to change his password "
+"immediately."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2004
+msgid ""
+"Note If user password is expired no explicit message is prompted by SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2008
+msgid ""
+"Please note that 'access_provider = ldap' must be set for this feature to "
+"work. Also 'ldap_pwd_policy' must be set to an appropriate password policy."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2013
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
@@ -5812,19 +5945,19 @@ msgstr ""
"»authorizedService«, um zu bestimmen, ob Zugriff gewährt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2018
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
"<emphasis>host</emphasis>: verwendet das Attribut »host«, um zu bestimmen, "
"ob Zugriff gewährt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1971
+#: sssd-ldap.5.xml:2022
msgid "Default: filter"
msgstr "Voreinstellung: filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1974
+#: sssd-ldap.5.xml:2025
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
@@ -5833,12 +5966,12 @@ msgstr ""
"mehr als einmal benutzt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1981
+#: sssd-ldap.5.xml:2032
msgid "ldap_pwdlockout_dn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2035
msgid ""
"This option specifies the DN of password policy entry on LDAP server. Please "
"note that absence of this option in sssd.conf in case of enabled account "
@@ -5847,22 +5980,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1992
+#: sssd-ldap.5.xml:2043
msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1995
+#: sssd-ldap.5.xml:2046
msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2001
+#: sssd-ldap.5.xml:2052
msgid "ldap_deref (string)"
msgstr "ldap_deref (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2004
+#: sssd-ldap.5.xml:2055
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
@@ -5871,12 +6004,12 @@ msgstr ""
"folgenden Optionen sind erlaubt:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2009
+#: sssd-ldap.5.xml:2060
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr "<emphasis>never</emphasis>: Alias werden nie dereferenziert."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013
+#: sssd-ldap.5.xml:2064
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
@@ -5886,7 +6019,7 @@ msgstr ""
"Suche."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018
+#: sssd-ldap.5.xml:2069
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
@@ -5895,7 +6028,7 @@ msgstr ""
"der Suche dereferenziert."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2023
+#: sssd-ldap.5.xml:2074
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
@@ -5904,7 +6037,7 @@ msgstr ""
"Orten des Basisobjekts der Suche dereferenziert."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2028
+#: sssd-ldap.5.xml:2079
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
@@ -5913,12 +6046,12 @@ msgstr ""
"<emphasis>never</emphasis> gehandhabt.)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2036
+#: sssd-ldap.5.xml:2087
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr "ldap_rfc2307_fallback_to_local_users (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2039
+#: sssd-ldap.5.xml:2090
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
@@ -5927,7 +6060,7 @@ msgstr ""
"beizubehalten, die das Schema RFC2307 benutzen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2094
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -5945,7 +6078,7 @@ msgstr ""
"getpw*() oder initgroups() abzurufen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2054
+#: sssd-ldap.5.xml:2105
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -5971,12 +6104,12 @@ msgstr ""
"type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2070
+#: sssd-ldap.5.xml:2121
msgid "SUDO OPTIONS"
msgstr "SUDO-OPTIONEN"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2123
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -5987,52 +6120,52 @@ msgstr ""
"<manvolnum>5</manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2083
+#: sssd-ldap.5.xml:2134
msgid "ldap_sudorule_object_class (string)"
msgstr "ldap_sudorule_object_class (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2086
+#: sssd-ldap.5.xml:2137
msgid "The object class of a sudo rule entry in LDAP."
msgstr "die Objektklasse eines Sudo-Regeleintrags in LDAP"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2089
+#: sssd-ldap.5.xml:2140
msgid "Default: sudoRole"
msgstr "Voreinstellung: sudoRole"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2095
+#: sssd-ldap.5.xml:2146
msgid "ldap_sudorule_name (string)"
msgstr "ldap_sudorule_name (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2098
+#: sssd-ldap.5.xml:2149
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr "das LDAP-Attribut, das dem Namen der Sudo-Regel entspricht"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2108
+#: sssd-ldap.5.xml:2159
msgid "ldap_sudorule_command (string)"
msgstr "ldap_sudorule_command (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2111
+#: sssd-ldap.5.xml:2162
msgid "The LDAP attribute that corresponds to the command name."
msgstr "das LDAP-Attribut, das dem Namen des Befehls entspricht"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2166
msgid "Default: sudoCommand"
msgstr "Voreinstellung: sudoCommand"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2172
msgid "ldap_sudorule_host (string)"
msgstr "ldap_sudorule_host (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2124
+#: sssd-ldap.5.xml:2175
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
@@ -6041,17 +6174,17 @@ msgstr ""
"Netzwerk oder des Netzwerkgruppe des Rechners) entspricht"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2129
+#: sssd-ldap.5.xml:2180
msgid "Default: sudoHost"
msgstr "Voreinstellung: sudoHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2186
msgid "ldap_sudorule_user (string)"
msgstr "ldap_sudorule_user (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2138
+#: sssd-ldap.5.xml:2189
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
@@ -6060,32 +6193,32 @@ msgstr ""
"oder der Netzwerkgruppe des Benutzers) entspricht"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2193
msgid "Default: sudoUser"
msgstr "Voreinstellung: sudoUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2148
+#: sssd-ldap.5.xml:2199
msgid "ldap_sudorule_option (string)"
msgstr "ldap_sudorule_option (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2202
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr "das LDAP-Attribut, das den Sudo-Optionen entspricht"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2155
+#: sssd-ldap.5.xml:2206
msgid "Default: sudoOption"
msgstr "Voreinstellung: sudoOption"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2161
+#: sssd-ldap.5.xml:2212
msgid "ldap_sudorule_runasuser (string)"
msgstr "ldap_sudorule_runasuser (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2215
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
@@ -6094,17 +6227,17 @@ msgstr ""
"ausgeführt werden können"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2168
+#: sssd-ldap.5.xml:2219
msgid "Default: sudoRunAsUser"
msgstr "Voreinstellung: sudoRunAsUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2174
+#: sssd-ldap.5.xml:2225
msgid "ldap_sudorule_runasgroup (string)"
msgstr "ldap_sudorule_runasgroup (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2228
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
@@ -6113,17 +6246,17 @@ msgstr ""
"worunter Befehle ausgeführt werden können"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2181
+#: sssd-ldap.5.xml:2232
msgid "Default: sudoRunAsGroup"
msgstr "Voreinstellung: sudoRunAsGroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2187
+#: sssd-ldap.5.xml:2238
msgid "ldap_sudorule_notbefore (string)"
msgstr "ldap_sudorule_notbefore (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2241
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
@@ -6132,17 +6265,17 @@ msgstr ""
"Sudo-Regel gültig wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194
+#: sssd-ldap.5.xml:2245
msgid "Default: sudoNotBefore"
msgstr "Voreinstellung: sudoNotBefore"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2200
+#: sssd-ldap.5.xml:2251
msgid "ldap_sudorule_notafter (string)"
msgstr "ldap_sudorule_notafter (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2203
+#: sssd-ldap.5.xml:2254
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
@@ -6151,32 +6284,32 @@ msgstr ""
"der die Sudo-Regel nicht länger gültig ist."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2259
msgid "Default: sudoNotAfter"
msgstr "Voreinstellung: sudoNotAfter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2214
+#: sssd-ldap.5.xml:2265
msgid "ldap_sudorule_order (string)"
msgstr "ldap_sudorule_order (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2217
+#: sssd-ldap.5.xml:2268
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr "das LDAP-Attribut, das dem Reihenfolgenindex der Regel entspricht"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2221
+#: sssd-ldap.5.xml:2272
msgid "Default: sudoOrder"
msgstr "Voreinstellung: sudoOrder"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2227
+#: sssd-ldap.5.xml:2278
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr "ldap_sudo_full_refresh_interval (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2230
+#: sssd-ldap.5.xml:2281
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
@@ -6186,7 +6319,7 @@ msgstr ""
"heruntergeladen werden)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2235
+#: sssd-ldap.5.xml:2286
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
@@ -6195,17 +6328,17 @@ msgstr ""
"emphasis> sein."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2240
+#: sssd-ldap.5.xml:2291
msgid "Default: 21600 (6 hours)"
msgstr "Voreinstellung: 21600 (6 Stunden)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2246
+#: sssd-ldap.5.xml:2297
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr "ldap_sudo_smart_refresh_interval (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2249
+#: sssd-ldap.5.xml:2300
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -6216,7 +6349,7 @@ msgstr ""
"höchste USN der zwischengespeicherten Regeln haben, heruntergeladen werden)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2255
+#: sssd-ldap.5.xml:2306
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
@@ -6225,12 +6358,12 @@ msgstr ""
"das Attribut »modifyTimestamp« benutzt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2265
+#: sssd-ldap.5.xml:2316
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr "ldap_sudo_use_host_filter (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2268
+#: sssd-ldap.5.xml:2319
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
@@ -6240,12 +6373,12 @@ msgstr ""
"Netzwerkadressen und Rechnernamen)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2279
+#: sssd-ldap.5.xml:2330
msgid "ldap_sudo_hostnames (string)"
msgstr "ldap_sudo_hostnames (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2333
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
@@ -6254,7 +6387,7 @@ msgstr ""
"Domain-Namen, die zum Filtern der Regeln benutzt werden sollen"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2287
+#: sssd-ldap.5.xml:2338
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
@@ -6263,8 +6396,8 @@ msgstr ""
"voll qualifizierten Domain-Namen automatisch herauszufinden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2292 sssd-ldap.5.xml:2315 sssd-ldap.5.xml:2333
-#: sssd-ldap.5.xml:2351
+#: sssd-ldap.5.xml:2343 sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2402
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
@@ -6273,17 +6406,17 @@ msgstr ""
"emphasis> ist, hat diese Option keine Auswirkungen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2320
+#: sssd-ldap.5.xml:2348 sssd-ldap.5.xml:2371
msgid "Default: not specified"
msgstr "Voreinstellung: nicht angegeben"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2303
+#: sssd-ldap.5.xml:2354
msgid "ldap_sudo_ip (string)"
msgstr "ldap_sudo_ip (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2306
+#: sssd-ldap.5.xml:2357
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
@@ -6292,7 +6425,7 @@ msgstr ""
"Netzwerkadressen, die zum Filtern der Regeln benutzt werden sollen"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2311
+#: sssd-ldap.5.xml:2362
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
@@ -6301,12 +6434,12 @@ msgstr ""
"herauszufinden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2326
+#: sssd-ldap.5.xml:2377
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr "ldap_sudo_include_netgroups (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2329
+#: sssd-ldap.5.xml:2380
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
@@ -6315,12 +6448,12 @@ msgstr ""
"eine Netzgruppe im Attribut »sudoHost« enthält."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2344
+#: sssd-ldap.5.xml:2395
msgid "ldap_sudo_include_regexp (boolean)"
msgstr "ldap_sudo_include_regexp (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2347
+#: sssd-ldap.5.xml:2398
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
@@ -6329,7 +6462,7 @@ msgstr ""
"einen Platzhalter im Attribut »sudoHost« enthält."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2363
+#: sssd-ldap.5.xml:2414
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -6342,12 +6475,12 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2373
+#: sssd-ldap.5.xml:2424
msgid "AUTOFS OPTIONS"
msgstr "AUTOFS-OPTIONEN"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2375
+#: sssd-ldap.5.xml:2426
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
@@ -6356,62 +6489,62 @@ msgstr ""
"entsprechen. "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2381
+#: sssd-ldap.5.xml:2432
msgid "ldap_autofs_map_master_name (string)"
msgstr "ldap_autofs_map_master_name (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2435
msgid "The name of the automount master map in LDAP."
msgstr "Der Name der Automount-Master-Abbildung in LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2387
+#: sssd-ldap.5.xml:2438
msgid "Default: auto.master"
msgstr "Voreinstellung: auto.master"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2394
+#: sssd-ldap.5.xml:2445
msgid "ldap_autofs_map_object_class (string)"
msgstr "ldap_autofs_map_object_class (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2397 sssd-ldap.5.xml:2423
+#: sssd-ldap.5.xml:2448 sssd-ldap.5.xml:2474
msgid "The object class of an automount map entry in LDAP."
msgstr "die Objektklasse eines Automount-Abbildungseintrags in LDAP"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2400 sssd-ldap.5.xml:2427
+#: sssd-ldap.5.xml:2451 sssd-ldap.5.xml:2478
msgid "Default: automountMap"
msgstr "Voreinstellung: automountMap"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2407
+#: sssd-ldap.5.xml:2458
msgid "ldap_autofs_map_name (string)"
msgstr "ldap_autofs_map_name (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2410
+#: sssd-ldap.5.xml:2461
msgid "The name of an automount map entry in LDAP."
msgstr "der Name eines Automount-Abbildungseintrags in LDAP"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2413
+#: sssd-ldap.5.xml:2464
msgid "Default: ou"
msgstr "Voreinstellung: ou"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2420
+#: sssd-ldap.5.xml:2471
msgid "ldap_autofs_entry_object_class (string)"
msgstr "ldap_autofs_entry_object_class (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2434
+#: sssd-ldap.5.xml:2485
msgid "ldap_autofs_entry_key (string)"
msgstr "ldap_autofs_entry_key (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2437 sssd-ldap.5.xml:2451
+#: sssd-ldap.5.xml:2488 sssd-ldap.5.xml:2502
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
@@ -6420,17 +6553,17 @@ msgstr ""
"Eintrag einem Einhängepunkt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2448
+#: sssd-ldap.5.xml:2499
msgid "ldap_autofs_entry_value (string)"
msgstr "ldap_autofs_entry_value (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2455
+#: sssd-ldap.5.xml:2506
msgid "Default: automountInformation"
msgstr "Voreinstellung: automountInformation"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2379
+#: sssd-ldap.5.xml:2430
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -6443,32 +6576,32 @@ msgstr ""
"\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2465
+#: sssd-ldap.5.xml:2516
msgid "ADVANCED OPTIONS"
msgstr "ERWEITERTE OPTIONEN"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2472
+#: sssd-ldap.5.xml:2523
msgid "ldap_netgroup_search_base (string)"
msgstr "ldap_netgroup_search_base (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2477
+#: sssd-ldap.5.xml:2528
msgid "ldap_user_search_base (string)"
msgstr "ldap_user_search_base (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2482
+#: sssd-ldap.5.xml:2533
msgid "ldap_group_search_base (string)"
msgstr "ldap_group_search_base (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note>
-#: sssd-ldap.5.xml:2487
+#: sssd-ldap.5.xml:2538
msgid "<note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para>
-#: sssd-ldap.5.xml:2489
+#: sssd-ldap.5.xml:2540
msgid ""
"If the option <quote>ldap_use_tokengroups</quote> is enabled. The searches "
"against Active Directory will not be restricted and return all groups "
@@ -6477,22 +6610,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist>
-#: sssd-ldap.5.xml:2496
+#: sssd-ldap.5.xml:2547
msgid "</note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2498
+#: sssd-ldap.5.xml:2549
msgid "ldap_sudo_search_base (string)"
msgstr "ldap_sudo_search_base (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2503
+#: sssd-ldap.5.xml:2554
msgid "ldap_autofs_search_base (string)"
msgstr "ldap_autofs_search_base (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2467
+#: sssd-ldap.5.xml:2518
#, fuzzy
#| msgid ""
#| "These options are supported by LDAP domains, but they should be used with "
@@ -6509,7 +6642,7 @@ msgstr ""
"falls Sie wissen, was Sie tun. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2520
+#: sssd-ldap.5.xml:2571
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -6520,7 +6653,7 @@ msgstr ""
"gesetzt ist."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2526
+#: sssd-ldap.5.xml:2577
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -6540,19 +6673,19 @@ msgstr ""
" cache_credentials = true\n"
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2525 sssd-ldap.5.xml:2543 sssd-simple.5.xml:139
+#: sssd-ldap.5.xml:2576 sssd-ldap.5.xml:2594 sssd-simple.5.xml:139
#: sssd-ipa.5.xml:726 sssd-ad.5.xml:851 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98
-#: sssd-krb5.5.xml:528 include/ldap_id_mapping.xml:105
+#: sssd-krb5.5.xml:573 include/ldap_id_mapping.xml:105
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "<placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2537
+#: sssd-ldap.5.xml:2588
msgid "LDAP ACCESS FILTER EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2539
+#: sssd-ldap.5.xml:2590
#, fuzzy
#| msgid ""
#| "The following example assumes that SSSD is correctly configured and LDAP "
@@ -6567,7 +6700,7 @@ msgstr ""
"gesetzt ist."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2544
+#: sssd-ldap.5.xml:2595
#, fuzzy, no-wrap
#| msgid ""
#| " [domain/LDAP]\n"
@@ -6598,13 +6731,13 @@ msgstr ""
" cache_credentials = true\n"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2559 sssd_krb5_locator_plugin.8.xml:61
+#: sssd-ldap.5.xml:2610 sssd_krb5_locator_plugin.8.xml:61
#: sssd-simple.5.xml:148 sssd-ad.5.xml:866 sssd.8.xml:195 sss_seed.8.xml:163
msgid "NOTES"
msgstr "ANMERKUNGEN"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2561
+#: sssd-ldap.5.xml:2612
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -7582,7 +7715,7 @@ msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:245
+#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:254
msgid "krb5_validate (boolean)"
msgstr "krb5_validate (Boolesch)"
@@ -7634,12 +7767,12 @@ msgstr ""
"Funktionalität ist mit Kerberos >= 1.7 verfügbar."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:407
+#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:416
msgid "krb5_use_fast (string)"
msgstr "krb5_use_fast (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:410
+#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:419
msgid ""
"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
"authentication. The following options are supported:"
@@ -7666,7 +7799,7 @@ msgstr ""
"wurde."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:424
+#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:433
msgid ""
"<emphasis>demand</emphasis> to use FAST. The authentication fails if the "
"server does not require fast."
@@ -7680,7 +7813,7 @@ msgid "Default: try"
msgstr "Voreinstellung: try"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:435
+#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:444
msgid ""
"NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If "
"SSSD is used with an older version of MIT Kerberos, using this option is a "
@@ -8950,12 +9083,12 @@ msgid "Default: True"
msgstr "Voreinstellung: True"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:797 sssd-krb5.5.xml:496
+#: sssd-ad.5.xml:797 sssd-krb5.5.xml:505
msgid "krb5_use_enterprise_principal (boolean)"
msgstr "krb5_use_enterprise_principal (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:800 sssd-krb5.5.xml:499
+#: sssd-ad.5.xml:800 sssd-krb5.5.xml:508
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
@@ -10176,16 +10309,32 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:225
+#, fuzzy
+#| msgid ""
+#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the "
+#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+#| "manvolnum> </citerefentry> manual page for more details."
+msgid ""
+"NOTE: Please be aware that libkrb5 ccache expansion template from "
+"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> uses different expansion sequences than SSSD."
+msgstr ""
+"Weitere Einzelheiten finden Sie in der Handbuchseite <citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> beim Parameter »dns_discovery_domain«."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:234
msgid "Default: (from libkrb5)"
msgstr "Voreinstellung: (aus libkrb5)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:231
+#: sssd-krb5.5.xml:240
msgid "krb5_auth_timeout (integer)"
msgstr "krb5_auth_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:234
+#: sssd-krb5.5.xml:243
msgid ""
"Timeout in seconds after an online authentication request or change password "
"request is aborted. If possible, the authentication request is continued "
@@ -10196,7 +10345,7 @@ msgstr ""
"die Authentifizierung offline fortgesetzt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:248
+#: sssd-krb5.5.xml:257
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed. The keytab is checked for entries sequentially, and the first entry "
@@ -10214,12 +10363,12 @@ msgstr ""
"Eintrag als letzter oder einziger Eintrag in der Keytab-Datei abgelegt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:263
+#: sssd-krb5.5.xml:272
msgid "krb5_keytab (string)"
msgstr "krb5_keytab (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:275
msgid ""
"The location of the keytab to use when validating credentials obtained from "
"KDCs."
@@ -10228,17 +10377,17 @@ msgstr ""
"benutzt wird, die von Schlüsselverwaltungszentralen (KDCs) stammen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:270
+#: sssd-krb5.5.xml:279
msgid "Default: /etc/krb5.keytab"
msgstr "Voreinstellung: /etc/krb5.keytab"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:276
+#: sssd-krb5.5.xml:285
msgid "krb5_store_password_if_offline (boolean)"
msgstr "krb5_store_password_if_offline (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:279
+#: sssd-krb5.5.xml:288
msgid ""
"Store the password of the user if the provider is offline and use it to "
"request a TGT when the provider comes online again."
@@ -10247,7 +10396,7 @@ msgstr ""
"benutzt es zur Abfrage des TGTs, wenn der Anbieter wieder online geht."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:284
+#: sssd-krb5.5.xml:293
msgid ""
"NOTE: this feature is only available on Linux. Passwords stored in this way "
"are kept in plaintext in the kernel keyring and are potentially accessible "
@@ -10259,12 +10408,12 @@ msgstr ""
"Benutzer Root zugegriffen werden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:297
+#: sssd-krb5.5.xml:306
msgid "krb5_renewable_lifetime (string)"
msgstr "krb5_renewable_lifetime (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:300
+#: sssd-krb5.5.xml:309
msgid ""
"Request a renewable ticket with a total lifetime, given as an integer "
"immediately followed by a time unit:"
@@ -10273,33 +10422,33 @@ msgstr ""
"Ganzzahl, der direkt eine Zeiteinheit folgt, angegeben:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:305 sssd-krb5.5.xml:339 sssd-krb5.5.xml:376
+#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
msgid "<emphasis>s</emphasis> for seconds"
msgstr "<emphasis>s</emphasis> für Sekunden"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:308 sssd-krb5.5.xml:342 sssd-krb5.5.xml:379
+#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:351 sssd-krb5.5.xml:388
msgid "<emphasis>m</emphasis> for minutes"
msgstr "<emphasis>m</emphasis> für Minuten"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:311 sssd-krb5.5.xml:345 sssd-krb5.5.xml:382
+#: sssd-krb5.5.xml:320 sssd-krb5.5.xml:354 sssd-krb5.5.xml:391
msgid "<emphasis>h</emphasis> for hours"
msgstr "<emphasis>h</emphasis> für Stunden"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
+#: sssd-krb5.5.xml:323 sssd-krb5.5.xml:357 sssd-krb5.5.xml:394
msgid "<emphasis>d</emphasis> for days."
msgstr "<emphasis>d</emphasis> für Tage"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:388
+#: sssd-krb5.5.xml:326 sssd-krb5.5.xml:397
msgid "If there is no unit given, <emphasis>s</emphasis> is assumed."
msgstr ""
"Falls keine Einheit angegeben ist, wird <emphasis>s</emphasis> angenommen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:321 sssd-krb5.5.xml:392
+#: sssd-krb5.5.xml:330 sssd-krb5.5.xml:401
msgid ""
"NOTE: It is not possible to mix units. To set the renewable lifetime to one "
"and a half hours, use '90m' instead of '1h30m'."
@@ -10309,17 +10458,17 @@ msgstr ""
"»1h30m«."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:326
+#: sssd-krb5.5.xml:335
msgid "Default: not set, i.e. the TGT is not renewable"
msgstr "Voreinstellung: nicht gesetzt, d.h. das TGT ist nicht erneuerbar."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:332
+#: sssd-krb5.5.xml:341
msgid "krb5_lifetime (string)"
msgstr "krb5_lifetime (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:335
+#: sssd-krb5.5.xml:344
msgid ""
"Request ticket with a lifetime, given as an integer immediately followed by "
"a time unit:"
@@ -10328,13 +10477,13 @@ msgstr ""
"eine Zeiteinheit folgt:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:351
+#: sssd-krb5.5.xml:360
msgid "If there is no unit given <emphasis>s</emphasis> is assumed."
msgstr ""
"Falls keine Einheit angegeben ist, wird <emphasis>s</emphasis> angenommen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:355
+#: sssd-krb5.5.xml:364
msgid ""
"NOTE: It is not possible to mix units. To set the lifetime to one and a "
"half hours please use '90m' instead of '1h30m'."
@@ -10343,7 +10492,7 @@ msgstr ""
"eineinhalb Stunden zu setzen, verwenden Sie »90m« statt »1h30m«."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:360
+#: sssd-krb5.5.xml:369
msgid ""
"Default: not set, i.e. the default ticket lifetime configured on the KDC."
msgstr ""
@@ -10351,12 +10500,12 @@ msgstr ""
"der Schlüsselverwaltungszentrale (KDC)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:367
+#: sssd-krb5.5.xml:376
msgid "krb5_renew_interval (string)"
msgstr "krb5_renew_interval (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:370
+#: sssd-krb5.5.xml:379
msgid ""
"The time in seconds between two checks if the TGT should be renewed. TGTs "
"are renewed if about half of their lifetime is exceeded, given as an integer "
@@ -10368,14 +10517,14 @@ msgstr ""
"folgt, angegeben:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:397
+#: sssd-krb5.5.xml:406
msgid "If this option is not set or is 0 the automatic renewal is disabled."
msgstr ""
"Falls diese Option nicht oder auf 0 gesetzt ist, wird die automatische "
"Erneuerung deaktiviert."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:415
+#: sssd-krb5.5.xml:424
msgid ""
"<emphasis>never</emphasis> use FAST. This is equivalent to not setting this "
"option at all."
@@ -10384,7 +10533,7 @@ msgstr ""
"Einstellung gar nicht gemacht würde."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:419
+#: sssd-krb5.5.xml:428
msgid ""
"<emphasis>try</emphasis> to use FAST. If the server does not support FAST, "
"continue the authentication without it."
@@ -10393,27 +10542,27 @@ msgstr ""
"Server kein FAST unterstützt, fährt die Authentifizierung ohne fort."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:429
+#: sssd-krb5.5.xml:438
msgid "Default: not set, i.e. FAST is not used."
msgstr "Voreinstellung: nicht gesetzt, d.h. FAST wird nicht benutzt"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:432
+#: sssd-krb5.5.xml:441
msgid "NOTE: a keytab is required to use FAST."
msgstr "HINWEIS: Zur Benutzung von FAST ist eine Keytab erforderlich."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:444
+#: sssd-krb5.5.xml:453
msgid "krb5_fast_principal (string)"
msgstr "krb5_fast_principal (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:447
+#: sssd-krb5.5.xml:456
msgid "Specifies the server principal to use for FAST."
msgstr "gibt den Server-Principal zur Benutzung von FAST an."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:456
+#: sssd-krb5.5.xml:465
msgid ""
"Specifies if the host and user principal should be canonicalized. This "
"feature is available with MIT Kerberos 1.7 and later versions."
@@ -10423,10 +10572,45 @@ msgstr ""
"Versionen verfügbar."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:505
+#: sssd-krb5.5.xml:514
msgid "Default: false (AD provider: true)"
msgstr "Voreinstellung: falsch (AD-Anbieter: wahr)"
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:520
+#, fuzzy
+#| msgid "krb5_use_fast (string)"
+msgid "krb5_map_user (string)"
+msgstr "krb5_use_fast (Zeichenkette)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:523
+msgid ""
+"The list of mappings is given as a comma-separated list of pairs "
+"<quote>username:primary</quote> where <quote>username</quote> is a UNIX user "
+"name and <quote>primary</quote> is a user part of a kerberos principal. This "
+"mapping is used when user is authenticating using <quote>auth_provider = "
+"krb5</quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-krb5.5.xml:535
+#, no-wrap
+msgid ""
+"krb5_realm = REALM\n"
+"krb5_map_user = joe:juser,dick:richard\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:540
+msgid ""
+"<quote>joe</quote> and <quote>dick</quote> are UNIX user names and "
+"<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos "
+"principals. For user <quote>joe</quote> resp. <quote>dick</quote> SSSD will "
+"try to kinit as <quote>juser@REALM</quote> resp. <quote>richard@REALM</"
+"quote>."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:65
msgid ""
@@ -10444,7 +10628,7 @@ msgstr ""
"id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:521
+#: sssd-krb5.5.xml:566
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -10457,7 +10641,7 @@ msgstr ""
"keine Identitätsanbieter."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:529
+#: sssd-krb5.5.xml:574
#, no-wrap
msgid ""
" [domain/FOO]\n"
@@ -12867,3 +13051,8 @@ msgstr "Voreinstellung: /home"
#~ msgid "Add microseconds to the timestamp in debug messages"
#~ msgstr "fügt dem Zeitstempel der Debug-Nachrichten Mikrosekunden hinzu"
+
+#~ msgid "Currently only refreshing expired netgroups is supported."
+#~ msgstr ""
+#~ "Derzeit wird lediglich die Aktualisierung abgelaufener Netzgruppen "
+#~ "unterstützt."
diff --git a/src/man/po/es.po b/src/man/po/es.po
index e684149fa..c30bbcdb9 100644
--- a/src/man/po/es.po
+++ b/src/man/po/es.po
@@ -15,7 +15,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sssd-docs 1.12.2\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2015-02-18 16:52+0100\n"
+"POT-Creation-Date: 2015-06-12 10:36+0200\n"
"PO-Revision-Date: 2014-06-04 02:04-0400\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Spanish (http://www.transifex.com/projects/p/sssd/language/"
@@ -25,7 +25,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#. type: Content of: <reference><title>
#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5
@@ -265,11 +265,11 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:81 sssd.conf.5.xml:571 sssd.conf.5.xml:1014
+#: sssd.conf.5.xml:81 sssd.conf.5.xml:602 sssd.conf.5.xml:1066
#: sssd-ldap.5.xml:1625 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1784
-#: sssd-ldap.5.xml:2273 sssd-ldap.5.xml:2338 sssd-ldap.5.xml:2356
+#: sssd-ldap.5.xml:2324 sssd-ldap.5.xml:2389 sssd-ldap.5.xml:2407
#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:413 sssd-ad.5.xml:166 sssd-ad.5.xml:264
-#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:490
+#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:499
msgid "Default: true"
msgstr "Predeterminado: true"
@@ -286,16 +286,16 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:94 sssd.conf.5.xml:968 sssd.conf.5.xml:2043
+#: sssd.conf.5.xml:94 sssd.conf.5.xml:1020 sssd.conf.5.xml:2095
#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1499 sssd-ldap.5.xml:1518
-#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2060 sssd-ipa.5.xml:139
-#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:257
-#: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462
+#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2111 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471
msgid "Default: false"
msgstr "Predeterminado: false"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2081
+#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2132
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr "<placeholder type=\"variablelist\" id=\"0\"/>"
@@ -334,7 +334,7 @@ msgid "The [sssd] section"
msgstr "La sección [sssd]"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:137 sssd.conf.5.xml:2127
+#: sssd.conf.5.xml:137 sssd.conf.5.xml:2179
msgid "Section parameters"
msgstr "Parámetros de sección"
@@ -409,7 +409,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:193 sssd.conf.5.xml:1826
+#: sssd.conf.5.xml:193 sssd.conf.5.xml:1878
msgid "re_expression (string)"
msgstr "re_expression (cadena)"
@@ -434,12 +434,12 @@ msgstr ""
"DOMAIN SECTIONS para más información sobre estas expresiones regulares."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:210 sssd.conf.5.xml:1877
+#: sssd.conf.5.xml:210 sssd.conf.5.xml:1929
msgid "full_name_format (string)"
msgstr "full_name_format (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:213 sssd.conf.5.xml:1880
+#: sssd.conf.5.xml:213 sssd.conf.5.xml:1932
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to compose a "
@@ -447,39 +447,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:224 sssd.conf.5.xml:1891
+#: sssd.conf.5.xml:224 sssd.conf.5.xml:1943
msgid "%1$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225 sssd.conf.5.xml:1892
+#: sssd.conf.5.xml:225 sssd.conf.5.xml:1944
msgid "user name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:228 sssd.conf.5.xml:1895
+#: sssd.conf.5.xml:228 sssd.conf.5.xml:1947
msgid "%2$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:231 sssd.conf.5.xml:1898
+#: sssd.conf.5.xml:231 sssd.conf.5.xml:1950
msgid "domain name as specified in the SSSD config file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:237 sssd.conf.5.xml:1904
+#: sssd.conf.5.xml:237 sssd.conf.5.xml:1956
msgid "%3$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:240 sssd.conf.5.xml:1907
+#: sssd.conf.5.xml:240 sssd.conf.5.xml:1959
msgid ""
"domain flat name. Mostly usable for Active Directory domains, both directly "
"configured or discovered via IPA trusts."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221 sssd.conf.5.xml:1888
+#: sssd.conf.5.xml:221 sssd.conf.5.xml:1940
msgid ""
"The following expansions are supported: <placeholder type=\"variablelist\" "
"id=\"0\"/>"
@@ -630,8 +630,8 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:336 sssd-ldap.5.xml:663 sssd-ldap.5.xml:1458
#: sssd-ldap.5.xml:1470 sssd-ldap.5.xml:1552 sssd-ad.5.xml:557
-#: sssd-ad.5.xml:627 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203
-#: include/ldap_id_mapping.xml:214
+#: sssd-ad.5.xml:627 sssd-krb5.5.xml:410 sssd-krb5.5.xml:550
+#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214
msgid "Default: not set"
msgstr "Predeterminado: no definido"
@@ -753,18 +753,18 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:427 sssd.conf.5.xml:443 sssd.conf.5.xml:475
-#: sssd.conf.5.xml:702 sssd.conf.5.xml:888 sssd.conf.5.xml:1209
+#: sssd.conf.5.xml:733 sssd.conf.5.xml:919 sssd.conf.5.xml:1261
#: sssd-ldap.5.xml:1200
msgid "Default: 60"
msgstr "Predeterminado: 60"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:432 sssd.conf.5.xml:1198
+#: sssd.conf.5.xml:432 sssd.conf.5.xml:1250
msgid "force_timeout (integer)"
msgstr "force_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:435 sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:435 sssd.conf.5.xml:1253
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -816,13 +816,80 @@ msgid ""
"will be forced to one hour."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:480
+#, fuzzy
+#| msgid "subdomain_homedir (string)"
+msgid "subdomain_inherit (string)"
+msgstr "subdomain_homedir (cadena)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:483
+msgid ""
+"Specifies a list of configuration parameters that should be inherited by a "
+"subdomain. Please note that only selected parameters can be inherited. "
+"Currently the following options can be inherited:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:489
+#, fuzzy
+#| msgid "ignore_group_members (bool)"
+msgid "ignore_group_members"
+msgstr "ignore_group_members (bool)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:492
+#, fuzzy
+#| msgid "ldap_purge_cache_timeout (integer)"
+msgid "ldap_purge_cache_timeout"
+msgstr "ldap_purge_cache_timeout (entero)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:495 sssd-ldap.5.xml:1017
+msgid "ldap_use_tokengroups"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:498
+#, fuzzy
+#| msgid "ldap_user_principal (string)"
+msgid "ldap_user_principal"
+msgstr "ldap_user_principal (cadena)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:503
+#, fuzzy, no-wrap
+#| msgid ""
+#| "fallback_homedir = /home/%u\n"
+#| " "
+msgid ""
+"subdomain_inherit = ldap_purge_cache_timeout\n"
+" "
+msgstr ""
+"fallback_homedir = /home/%u\n"
+" "
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:501
+#, fuzzy
+#| msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr "ejemplo: <placeholder type=\"programlisting\" id=\"0\"/>"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:507 sssd.conf.5.xml:963 sssd.conf.5.xml:984
+#: sssd.conf.5.xml:1244 sssd-ldap.5.xml:1753
+msgid "Default: none"
+msgstr "Predeterminado: none"
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:484
+#: sssd.conf.5.xml:515
msgid "NSS configuration options"
msgstr "Opciones de configuración de NSS"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:486
+#: sssd.conf.5.xml:517
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
@@ -830,12 +897,12 @@ msgstr ""
"Switch (NSS)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:491
+#: sssd.conf.5.xml:522
msgid "enum_cache_timeout (integer)"
msgstr "enum_cache_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:494
+#: sssd.conf.5.xml:525
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
@@ -844,17 +911,17 @@ msgstr ""
"sobre todos los usuarios)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:498
+#: sssd.conf.5.xml:529
msgid "Default: 120"
msgstr "Predeterminado: 120"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:503
+#: sssd.conf.5.xml:534
msgid "entry_cache_nowait_percentage (integer)"
msgstr "entry_cache_nowait_percentage (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:506
+#: sssd.conf.5.xml:537
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -865,7 +932,7 @@ msgstr ""
"valor de entry_cache_timeout para el dominio."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:512
+#: sssd.conf.5.xml:543
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -881,7 +948,7 @@ msgstr ""
"actualización del cache."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:553
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -894,17 +961,17 @@ msgstr ""
"segundos. (0 deshabilita esta función)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:561
msgid "Default: 50"
msgstr "Predeterminado: 50"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:535
+#: sssd.conf.5.xml:566
msgid "entry_negative_timeout (integer)"
msgstr "entry_negative_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:538
+#: sssd.conf.5.xml:569
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -915,17 +982,17 @@ msgstr ""
"entradas no existentes) antes de preguntar al punto final otra vez."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:544 sssd.conf.5.xml:992
+#: sssd.conf.5.xml:575 sssd.conf.5.xml:1044
msgid "Default: 15"
msgstr "Predeterminado: 15"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:549
+#: sssd.conf.5.xml:580
msgid "filter_users, filter_groups (string)"
msgstr "filter_users, filter_groups (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:552
+#: sssd.conf.5.xml:583
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -938,17 +1005,17 @@ msgstr ""
"filtrar sólo usuario de un dominio concreto."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:559
+#: sssd.conf.5.xml:590
msgid "Default: root"
msgstr "Predeterminado: root"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:564
+#: sssd.conf.5.xml:595
msgid "filter_users_in_groups (bool)"
msgstr "filter_users_in_groups (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:598
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
@@ -956,12 +1023,12 @@ msgstr ""
"opción a false."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:609
msgid "fallback_homedir (string)"
msgstr "fallback_homedir (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:612
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
@@ -970,7 +1037,7 @@ msgstr ""
"especificado una explícitamente por el proveedor de datos del dominio."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586
+#: sssd.conf.5.xml:617
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
@@ -978,7 +1045,7 @@ msgstr ""
"override_homedir."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:592
+#: sssd.conf.5.xml:623
#, no-wrap
msgid ""
"fallback_homedir = /home/%u\n"
@@ -988,23 +1055,24 @@ msgstr ""
" "
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:590 include/override_homedir.xml:55
+#: sssd.conf.5.xml:621 sssd.conf.5.xml:978 sssd-krb5.5.xml:533
+#: include/override_homedir.xml:55
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "ejemplo: <placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596
+#: sssd.conf.5.xml:627
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
"Por defecto: no fijado (sin sustitución para los directorios home no fijados)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:633
msgid "override_shell (string)"
msgstr "override_shell (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:636
msgid ""
"Override the login shell for all users. This option supersedes any other "
"shell options if it takes effect and can be set either in the [nss] section "
@@ -1012,17 +1080,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:611
+#: sssd.conf.5.xml:642
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr "Por defecto: no fijado (SSSD usará el valor recuperado desde LDAP)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:617
+#: sssd.conf.5.xml:648
msgid "allowed_shells (string)"
msgstr "allowed_shells (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:620
+#: sssd.conf.5.xml:651
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
@@ -1030,12 +1098,12 @@ msgstr ""
"evaluación es:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:654
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr "1. Si el shell está presente en <quote>/etc/shells</quote>, se usa."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:627
+#: sssd.conf.5.xml:658
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
@@ -1044,7 +1112,7 @@ msgstr ""
"shells</quote>, usa el valor del parámetro shell_fallback."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:632
+#: sssd.conf.5.xml:663
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
@@ -1053,14 +1121,14 @@ msgstr ""
"shells</quote>, se usará un shell de no acceso."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:637
+#: sssd.conf.5.xml:668
#, fuzzy
#| msgid "These options can be used to configure any service."
msgid "The wildcard (*) can be used to allow any shell."
msgstr "Estas opciones pueden usarse para configurar cualquier servicio."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:640
+#: sssd.conf.5.xml:671
msgid ""
"The (*) is useful if you want to use shell_fallback in case that user's "
"shell is not in <quote>/etc/shells</quote> and maintaining list of all "
@@ -1068,12 +1136,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:647
+#: sssd.conf.5.xml:678
msgid "An empty string for shell is passed as-is to libc."
msgstr "Una cadena vacía para el shell se pasa como-es a libc."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:650
+#: sssd.conf.5.xml:681
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
@@ -1083,27 +1151,27 @@ msgstr ""
"una nueva shell."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:654
+#: sssd.conf.5.xml:685
msgid "Default: Not set. The user shell is automatically used."
msgstr "Por defecto: No fijado. La shell del usuario se usa automáticamente."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:659
+#: sssd.conf.5.xml:690
msgid "vetoed_shells (string)"
msgstr "vetoed_shells (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:662
+#: sssd.conf.5.xml:693
msgid "Replace any instance of these shells with the shell_fallback"
msgstr "Reemplaza cualquier instancia de estos shells con shell_fallback"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:667
+#: sssd.conf.5.xml:698
msgid "shell_fallback (string)"
msgstr "shell_fallback (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:670
+#: sssd.conf.5.xml:701
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
@@ -1111,24 +1179,24 @@ msgstr ""
"máquina."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:705
msgid "Default: /bin/sh"
msgstr "Predeterminado: /bin/sh"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:679
+#: sssd.conf.5.xml:710
msgid "default_shell"
msgstr "default_shell"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:682
+#: sssd.conf.5.xml:713
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option can be specified globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:719
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
@@ -1138,12 +1206,12 @@ msgstr ""
"normalmente /bin/sh)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:695 sssd.conf.5.xml:881
+#: sssd.conf.5.xml:726 sssd.conf.5.xml:912
msgid "get_domains_timeout (int)"
msgstr "get_domains_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:698 sssd.conf.5.xml:884
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:915
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
@@ -1152,12 +1220,12 @@ msgstr ""
"considerada válida."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:707
+#: sssd.conf.5.xml:738
msgid "memcache_timeout (int)"
msgstr "memcache_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710
+#: sssd.conf.5.xml:741
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
@@ -1166,17 +1234,17 @@ msgstr ""
"escondrijo en memoria serán válidos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:714 sssd-ldap.5.xml:706
+#: sssd.conf.5.xml:745 sssd-ldap.5.xml:706
msgid "Default: 300"
msgstr "Predeterminado: 300"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:719 sssd-ifp.5.xml:74
+#: sssd.conf.5.xml:750 sssd-ifp.5.xml:74
msgid "user_attributes (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:722
+#: sssd.conf.5.xml:753
msgid ""
"Some of the additional NSS responder requests can return more attributes "
"than just the POSIX ones defined by the NSS interface. The list of "
@@ -1187,24 +1255,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:735
+#: sssd.conf.5.xml:766
msgid ""
"To make configuration more easy the NSS responder will check the InfoPipe "
"option if it is not set for the NSS responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:740
+#: sssd.conf.5.xml:771
msgid "Default: not set, fallback to InfoPipe option"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:747
+#: sssd.conf.5.xml:778
msgid "PAM configuration options"
msgstr "Opciones de configuración PAM"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:749
+#: sssd.conf.5.xml:780
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
@@ -1213,12 +1281,12 @@ msgstr ""
"Authentication Module (PAM)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:785
msgid "offline_credentials_expiration (integer)"
msgstr "offline_credentials_expiration (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:757
+#: sssd.conf.5.xml:788
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
@@ -1227,17 +1295,17 @@ msgstr ""
"los accesos escondidos (en días desde el último login en línea con éxito)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:762 sssd.conf.5.xml:775
+#: sssd.conf.5.xml:793 sssd.conf.5.xml:806
msgid "Default: 0 (No limit)"
msgstr "Predeterminado: 0 (Sin límite)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:768
+#: sssd.conf.5.xml:799
msgid "offline_failed_login_attempts (integer)"
msgstr "offline_failed_login_attempts (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:771
+#: sssd.conf.5.xml:802
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
@@ -1246,12 +1314,12 @@ msgstr ""
"login fallados están permitidos."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:781
+#: sssd.conf.5.xml:812
msgid "offline_failed_login_delay (integer)"
msgstr "offline_failed_login_delay (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:784
+#: sssd.conf.5.xml:815
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
@@ -1261,7 +1329,7 @@ msgstr ""
"intento de login sea posible."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:789
+#: sssd.conf.5.xml:820
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -1272,17 +1340,17 @@ msgstr ""
"éxito puede habilitar otra vez la autenticación fuera de línea."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:795 sssd.conf.5.xml:848
+#: sssd.conf.5.xml:826 sssd.conf.5.xml:879
msgid "Default: 5"
msgstr "Predeterminado: 5"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:832
msgid "pam_verbosity (integer)"
msgstr "pam_verbosity (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:835
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
@@ -1291,44 +1359,44 @@ msgstr ""
"autenticación. Cuanto mayor sea el número de mensajes más aparecen."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:809
+#: sssd.conf.5.xml:840
msgid "Currently sssd supports the following values:"
msgstr "Actualmente sssd soporta los siguientes valores:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:843
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr "<emphasis>0</emphasis>: no mostrar ningún mensaje"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:815
+#: sssd.conf.5.xml:846
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr "<emphasis>1</emphasis>: mostrar sólo mensajes importantes"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
+#: sssd.conf.5.xml:850
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr "<emphasis>2</emphasis>: mostrar mensajes informativos"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:822
+#: sssd.conf.5.xml:853
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
"<emphasis>3</emphasis>: mostrar todos los mensajes e información de "
"depuración"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:826 sssd.8.xml:63
+#: sssd.conf.5.xml:857 sssd.8.xml:63
msgid "Default: 1"
msgstr "Predeterminado: 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:831
+#: sssd.conf.5.xml:862
msgid "pam_id_timeout (integer)"
msgstr "pam_id_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:865
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1340,7 +1408,7 @@ msgstr ""
"información más actual."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:840
+#: sssd.conf.5.xml:871
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1354,17 +1422,17 @@ msgstr ""
"proveedor de identidad."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:854
+#: sssd.conf.5.xml:885
msgid "pam_pwd_expiration_warning (integer)"
msgstr "pam_pwd_expiration_warning (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:857 sssd.conf.5.xml:1390
+#: sssd.conf.5.xml:888 sssd.conf.5.xml:1442
msgid "Display a warning N days before the password expires."
msgstr "Mostrar una advertencia N días antes que la contraseña caduque."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:860
+#: sssd.conf.5.xml:891
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1375,7 +1443,7 @@ msgstr ""
"información desaparece, sssd no podrá mostrar un aviso."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:866 sssd.conf.5.xml:1393
+#: sssd.conf.5.xml:897 sssd.conf.5.xml:1445
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
@@ -1385,7 +1453,7 @@ msgstr ""
"automáticamente."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:871
+#: sssd.conf.5.xml:902
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
@@ -1394,17 +1462,17 @@ msgstr ""
"<emphasis>pwd_expiration_warning</emphasis> para un dominio concreto."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876 sssd.8.xml:79
+#: sssd.conf.5.xml:907 sssd.8.xml:79
msgid "Default: 0"
msgstr "Predeterminado: 0"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:893
+#: sssd.conf.5.xml:924
msgid "pam_trusted_users (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:896
+#: sssd.conf.5.xml:927
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAM responder. User names are resolved to UIDs at "
@@ -1412,59 +1480,77 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:902
+#: sssd.conf.5.xml:933
msgid "Default: all (All users are allowed to access the PAM responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:906
+#: sssd.conf.5.xml:937
msgid ""
"Please note that UID 0 is always allowed to access the PAM responder even in "
"case it is not in the pam_trusted_users list."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:913
+#: sssd.conf.5.xml:944
msgid "pam_public_domains (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:947
msgid ""
"Specifies the comma-separated list of domain names that are accessible even "
"to untrusted users."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:920
+#: sssd.conf.5.xml:951
msgid "Two special values for pam_public_domains option are defined:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:955
msgid ""
"all (Untrusted users are allowed to access all domains in PAM responder.)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:959
msgid ""
"none (Untrusted users are not allowed to access any domains PAM in "
"responder.)"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:932 sssd.conf.5.xml:1192 sssd-ldap.5.xml:1753
-msgid "Default: none"
-msgstr "Predeterminado: none"
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:968
+#, fuzzy
+#| msgid "ldap_user_ad_account_expires (string)"
+msgid "pam_account_expired_message (string)"
+msgstr "ldap_user_ad_account_expires (cadena)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:971
+msgid ""
+"If user is authenticating using SSH keys and account is expired then by "
+"default 'Permission denied' is output. This output will be changed to "
+"content of this variable if it is set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:980
+#, no-wrap
+msgid ""
+"pam_account_expired_message = Account expired, please call help desk.\n"
+" "
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:941
+#: sssd.conf.5.xml:993
msgid "SUDO configuration options"
msgstr "SUDO opciones de configuración"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:943
+#: sssd.conf.5.xml:995
msgid ""
"These options can be used to configure the sudo service. The detailed "
"instructions for configuration of <citerefentry> <refentrytitle>sudo</"
@@ -1475,12 +1561,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:1012
msgid "sudo_timed (bool)"
msgstr "sudo_timed (booleano)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:1015
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
@@ -1489,22 +1575,22 @@ msgstr ""
"entradas de sudoers dependientes del tiempo."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1028
msgid "AUTOFS configuration options"
msgstr "Opciones de configuración AUTOFS"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:978
+#: sssd.conf.5.xml:1030
msgid "These options can be used to configure the autofs service."
msgstr "Estas opciones pueden ser usadas para configurar el servicio autofs."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1034
msgid "autofs_negative_timeout (integer)"
msgstr "autofs_negative_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:985
+#: sssd.conf.5.xml:1037
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1515,22 +1601,22 @@ msgstr ""
"existentes) antes de preguntar al punto final otra vez."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1001
+#: sssd.conf.5.xml:1053
msgid "SSH configuration options"
msgstr "Opciones de configuración SSH"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1003
+#: sssd.conf.5.xml:1055
msgid "These options can be used to configure the SSH service."
msgstr "Estas opciones se pueden usar para configurar el servicio SSH."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1007
+#: sssd.conf.5.xml:1059
msgid "ssh_hash_known_hosts (bool)"
msgstr "ssh_hash_known_hosts (booleano)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1010
+#: sssd.conf.5.xml:1062
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
@@ -1539,12 +1625,12 @@ msgstr ""
"known_host. "
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1019
+#: sssd.conf.5.xml:1071
msgid "ssh_known_hosts_timeout (integer)"
msgstr "ssh_known_hosts_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1022
+#: sssd.conf.5.xml:1074
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
@@ -1553,17 +1639,17 @@ msgstr ""
"después de que se hayan pedido sus claves de host."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1026
+#: sssd.conf.5.xml:1078
msgid "Default: 180"
msgstr "Por defecto: 180"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1086
msgid "PAC responder configuration options"
msgstr "Opciones de configuración del respondedor PAC"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1036
+#: sssd.conf.5.xml:1088
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1582,7 +1668,7 @@ msgstr ""
"siguientes operaciones:"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1045
+#: sssd.conf.5.xml:1097
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"determined with the help of the SID, trusted domains will have UPGs and the "
@@ -1593,24 +1679,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1053
+#: sssd.conf.5.xml:1105
msgid ""
"If there are SIDs of groups from domains sssd knows about, the user will be "
"added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1111
msgid "These options can be used to configure the PAC responder."
msgstr "Estas opciones pueden ser usadas para configurar el respondedor PAC."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1063 sssd-ifp.5.xml:50
+#: sssd.conf.5.xml:1115 sssd-ifp.5.xml:50
msgid "allowed_uids (string)"
msgstr "allowed_uids (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1066
+#: sssd.conf.5.xml:1118
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1620,14 +1706,14 @@ msgstr ""
"usuario que tiene el acceso permitido al respondedor PAC."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1072
+#: sssd.conf.5.xml:1124
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
"Por defecto: 0 (sólo el usuario root tiene permitido el acceso al "
"respondedor PAC)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1076
+#: sssd.conf.5.xml:1128
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1640,17 +1726,17 @@ msgstr ""
"lista de UIDs permitidas también."
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1142
msgid "DOMAIN SECTIONS"
msgstr "SECCIONES DE DOMINIO"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1149
msgid "min_id,max_id (integer)"
msgstr "min_id, max_id (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1100
+#: sssd.conf.5.xml:1152
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
@@ -1659,7 +1745,7 @@ msgstr ""
"está fuera de estos límites, ésta es ignorada."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:1157
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1672,24 +1758,24 @@ msgstr ""
"reportados como en espera."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1112
+#: sssd.conf.5.xml:1164
msgid ""
"These ID limits affect even saving entries to cache, not only returning them "
"by name or ID."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1116
+#: sssd.conf.5.xml:1168
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr "Predeterminado: 1 para min_id, 0 (sin límite) para max_id"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1122
+#: sssd.conf.5.xml:1174
msgid "enumerate (bool)"
msgstr "enumerar (bool)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1125
+#: sssd.conf.5.xml:1177
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
@@ -1698,23 +1784,23 @@ msgstr ""
"de los siguientes valores:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1181
msgid "TRUE = Users and groups are enumerated"
msgstr "TRUE = Usuarios y grupos son enumerados"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1132
+#: sssd.conf.5.xml:1184
msgid "FALSE = No enumerations for this domain"
msgstr "FALSE = Sin enumeraciones para este dominio"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1135 sssd.conf.5.xml:1367 sssd.conf.5.xml:1476
-#: sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1187 sssd.conf.5.xml:1419 sssd.conf.5.xml:1528
+#: sssd.conf.5.xml:1545
msgid "Default: FALSE"
msgstr "Predeterminado: FALSE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138
+#: sssd.conf.5.xml:1190
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1734,7 +1820,7 @@ msgstr ""
"las afiliaciones deben ser recalculadas."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1151
+#: sssd.conf.5.xml:1203
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
@@ -1744,7 +1830,7 @@ msgstr ""
"completen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1156
+#: sssd.conf.5.xml:1208
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1758,7 +1844,7 @@ msgstr ""
"específico id_provider en uso."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1164
+#: sssd.conf.5.xml:1216
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
@@ -1767,32 +1853,32 @@ msgstr ""
"especialmente en entornos grandes."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1172
+#: sssd.conf.5.xml:1224
msgid "subdomain_enumerate (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1179
+#: sssd.conf.5.xml:1231
msgid "all"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1180
+#: sssd.conf.5.xml:1232
msgid "All discovered trusted domains will be enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1183
+#: sssd.conf.5.xml:1235
msgid "none"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:1236
msgid "No discovered trusted domains will be enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1175
+#: sssd.conf.5.xml:1227
msgid ""
"Whether any of autodetected trusted domains should be enumerated. The "
"supported values are: <placeholder type=\"variablelist\" id=\"0\"/> "
@@ -1801,12 +1887,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1215
+#: sssd.conf.5.xml:1267
msgid "entry_cache_timeout (integer)"
msgstr "entry_cache_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1218
+#: sssd.conf.5.xml:1270
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
@@ -1815,7 +1901,7 @@ msgstr ""
"volver a consultar al backend"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1222
+#: sssd.conf.5.xml:1274
msgid ""
"The cache expiration timestamps are stored as attributes of individual "
"objects in the cache. Therefore, changing the cache timeout only has effect "
@@ -1826,17 +1912,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1235
+#: sssd.conf.5.xml:1287
msgid "Default: 5400"
msgstr "Predeterminado: 5400"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1241
+#: sssd.conf.5.xml:1293
msgid "entry_cache_user_timeout (integer)"
msgstr "entry_cache_user_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1244
+#: sssd.conf.5.xml:1296
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
@@ -1845,19 +1931,19 @@ msgstr ""
"antes de preguntar al punto final otra vez."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248 sssd.conf.5.xml:1261 sssd.conf.5.xml:1274
-#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1300 sssd.conf.5.xml:1314
-#: sssd.conf.5.xml:1328
+#: sssd.conf.5.xml:1300 sssd.conf.5.xml:1313 sssd.conf.5.xml:1326
+#: sssd.conf.5.xml:1339 sssd.conf.5.xml:1352 sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1380
msgid "Default: entry_cache_timeout"
msgstr "Por defecto: entry_cache_timeout"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1306
msgid "entry_cache_group_timeout (integer)"
msgstr "entry_cache_group_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1257
+#: sssd.conf.5.xml:1309
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
@@ -1866,12 +1952,12 @@ msgstr ""
"antes de preguntar al punto final otra vez."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1267
+#: sssd.conf.5.xml:1319
msgid "entry_cache_netgroup_timeout (integer)"
msgstr "entry_cache_netgroup_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1270
+#: sssd.conf.5.xml:1322
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
@@ -1880,12 +1966,12 @@ msgstr ""
"válidas antes de preguntar al punto final otra vez."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1280
+#: sssd.conf.5.xml:1332
msgid "entry_cache_service_timeout (integer)"
msgstr "entry_cache_service_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1335
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
@@ -1894,12 +1980,12 @@ msgstr ""
"antes de preguntar al punto final otra vez."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1345
msgid "entry_cache_sudo_timeout (integer)"
msgstr "entry_cache_sudo_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1348
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
@@ -1908,12 +1994,12 @@ msgstr ""
"preguntar al backend otra vez."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1358
msgid "entry_cache_autofs_timeout (integer)"
msgstr "entry_cache_autofs_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1309
+#: sssd.conf.5.xml:1361
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
@@ -1922,70 +2008,71 @@ msgstr ""
"automontaje válidos antes de preguntar al punto final otra vez."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1320
+#: sssd.conf.5.xml:1372
msgid "entry_cache_ssh_host_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1375
msgid ""
"How many seconds to keep a host ssh key after refresh. IE how long to cache "
"the host key for."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1334
+#: sssd.conf.5.xml:1386
msgid "refresh_expired_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1337
+#: sssd.conf.5.xml:1389
msgid ""
"Specifies how many seconds SSSD has to wait before triggering a background "
"refresh task which will refresh all expired or nearly expired records."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1342
-msgid "Currently only refreshing expired netgroups is supported."
+#: sssd.conf.5.xml:1394
+msgid ""
+"The background refresh will process users, groups and netgroups in the cache."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1398
msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350 sssd-ipa.5.xml:224
+#: sssd.conf.5.xml:1402 sssd-ipa.5.xml:224
msgid "Default: 0 (disabled)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1356
+#: sssd.conf.5.xml:1408
msgid "cache_credentials (bool)"
msgstr "cache_credentials (bool)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1411
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
"Determina si las credenciales del usuario están también escondidas en el "
"cache LDB local"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1363
+#: sssd.conf.5.xml:1415
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
"Las credenciales de usuario son almacenadas en un hash SHA512, no en texto "
"plano"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1372
+#: sssd.conf.5.xml:1424
msgid "account_cache_expiration (integer)"
msgstr "account_cache_expiration (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1427
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1998,17 +2085,17 @@ msgstr ""
"grande o igual que offline_credentials_expiration."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1382
+#: sssd.conf.5.xml:1434
msgid "Default: 0 (unlimited)"
msgstr "Predeterminado: 0 (ilimitado)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1387
+#: sssd.conf.5.xml:1439
msgid "pwd_expiration_warning (integer)"
msgstr "pwd_expiration_warning (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1398
+#: sssd.conf.5.xml:1450
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -2021,17 +2108,17 @@ msgstr ""
"configurar un proveedor de autorización para el backend."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1405
+#: sssd.conf.5.xml:1457
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr "Por defecto: 7 (Kerberos), 0 (LDAP)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1411
+#: sssd.conf.5.xml:1463
msgid "id_provider (string)"
msgstr "id_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1414
+#: sssd.conf.5.xml:1466
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
@@ -2039,17 +2126,17 @@ msgstr ""
"soportados son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1418
+#: sssd.conf.5.xml:1470
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr "<quote>proxy</quote>: Soporta un proveedor NSS legado"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1421 sssd.conf.5.xml:1539
+#: sssd.conf.5.xml:1473 sssd.conf.5.xml:1591
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr "<quote>local</quote>: Proveedor interno SSSD para usuarios locales"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1425
+#: sssd.conf.5.xml:1477
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -2060,8 +2147,8 @@ msgstr ""
"información sobre la configuración de LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433 sssd.conf.5.xml:1519 sssd.conf.5.xml:1574
-#: sssd.conf.5.xml:1627
+#: sssd.conf.5.xml:1485 sssd.conf.5.xml:1571 sssd.conf.5.xml:1626
+#: sssd.conf.5.xml:1679
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -2074,8 +2161,8 @@ msgstr ""
"configuración de FreeIPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1442 sssd.conf.5.xml:1528 sssd.conf.5.xml:1583
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1494 sssd.conf.5.xml:1580 sssd.conf.5.xml:1635
+#: sssd.conf.5.xml:1688
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2087,12 +2174,12 @@ msgstr ""
"Directory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1505
msgid "use_fully_qualified_names (bool)"
msgstr "use_fully_qualified_names (bool)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1508
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
@@ -2102,7 +2189,7 @@ msgstr ""
"NSS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1461
+#: sssd.conf.5.xml:1513
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -2116,7 +2203,7 @@ msgstr ""
"command> lo haría."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1521
msgid ""
"NOTE: This option has no effect on netgroup lookups due to their tendency to "
"include nested netgroups without qualified names. For netgroups, all domains "
@@ -2124,17 +2211,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1533
msgid "ignore_group_members (bool)"
msgstr "ignore_group_members (bool)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1536
msgid "Do not return group members for group lookups."
msgstr "No devuelve miembros de grupo para búsquedas de grupo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1487
+#: sssd.conf.5.xml:1539
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -2145,12 +2232,12 @@ msgstr ""
"llamadas de búsqueda de grupo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1550
msgid "auth_provider (string)"
msgstr "auth_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1501
+#: sssd.conf.5.xml:1553
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
@@ -2159,7 +2246,7 @@ msgstr ""
"autenticación soportados son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505 sssd.conf.5.xml:1567
+#: sssd.conf.5.xml:1557 sssd.conf.5.xml:1619
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2170,7 +2257,7 @@ msgstr ""
"citerefentry> para más información sobre la configuración LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1512
+#: sssd.conf.5.xml:1564
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2181,7 +2268,7 @@ msgstr ""
"citerefentry> para más información sobre la configuración de Kerberos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1588
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
@@ -2189,12 +2276,12 @@ msgstr ""
"objetivo PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1595
msgid "<quote>none</quote> disables authentication explicitly."
msgstr "<quote>none</quote> deshabilita la autenticación explícitamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1546
+#: sssd.conf.5.xml:1598
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
@@ -2203,12 +2290,12 @@ msgstr ""
"manejar las peticiones de autenticación."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1604
msgid "access_provider (string)"
msgstr "access_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1607
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -2219,7 +2306,7 @@ msgstr ""
"proveedores especiales internos son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1613
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
@@ -2228,12 +2315,12 @@ msgstr ""
"sólo permitido para un dominio local."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1616
msgid "<quote>deny</quote> always deny access."
msgstr "<quote>deny</quote> siempre niega el acceso."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1591
+#: sssd.conf.5.xml:1643
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -2246,17 +2333,17 @@ msgstr ""
"configuración del módulo de acceso sencillo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1650
msgid "Default: <quote>permit</quote>"
msgstr "Predeterminado: <quote>permit</quote>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1603
+#: sssd.conf.5.xml:1655
msgid "chpass_provider (string)"
msgstr "chpass_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1606
+#: sssd.conf.5.xml:1658
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
@@ -2265,7 +2352,7 @@ msgstr ""
"el dominio. Los proveedores de cambio de passweord soportados son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1611
+#: sssd.conf.5.xml:1663
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -2277,7 +2364,7 @@ msgstr ""
"configurar LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1671
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2288,7 +2375,7 @@ msgstr ""
"citerefentry> para más información sobre configurar Kerberos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1696
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
@@ -2296,13 +2383,13 @@ msgstr ""
"otros objetivos PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1700
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
"<quote>none</quote> deniega explícitamente los cambios en la contraseña."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1651
+#: sssd.conf.5.xml:1703
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
@@ -2311,18 +2398,18 @@ msgstr ""
"puede manejar las peticiones de cambio de password."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1710
msgid "sudo_provider (string)"
msgstr "sudo_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1661
+#: sssd.conf.5.xml:1713
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
"El proveedor SUDO usado por el dominio. Los proveedores SUDO soportados son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1665
+#: sssd.conf.5.xml:1717
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2333,33 +2420,33 @@ msgstr ""
"citerefentry> para más información sobre la configuración LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1725
msgid ""
"<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default "
"settings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1729
msgid ""
"<quote>ad</quote> the same as <quote>ldap</quote> but with AD default "
"settings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1681
+#: sssd.conf.5.xml:1733
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr "<quote>none</quote>deshabilita SUDO explícitamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1684 sssd.conf.5.xml:1762 sssd.conf.5.xml:1794
-#: sssd.conf.5.xml:1819
+#: sssd.conf.5.xml:1736 sssd.conf.5.xml:1814 sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1871
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
"Por defecto: el valor de <quote>id_provider</quote> se usa si está fijado."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1688
+#: sssd.conf.5.xml:1740
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -2370,12 +2457,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1757
msgid "selinux_provider (string)"
msgstr "selinux_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1760
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -2386,7 +2473,7 @@ msgstr ""
"finalice. Los proveedores selinux soportados son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1714
+#: sssd.conf.5.xml:1766
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2398,14 +2485,14 @@ msgstr ""
"IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1722
+#: sssd.conf.5.xml:1774
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
"<quote>none</quote> deshabilita ir a buscar los ajustes selinux "
"explícitamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1725
+#: sssd.conf.5.xml:1777
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
@@ -2414,12 +2501,12 @@ msgstr ""
"manejar las peticiones de carga selinux."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1731
+#: sssd.conf.5.xml:1783
msgid "subdomains_provider (string)"
msgstr "subdomains_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1734
+#: sssd.conf.5.xml:1786
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
@@ -2429,7 +2516,7 @@ msgstr ""
"soportados son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740
+#: sssd.conf.5.xml:1792
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2441,7 +2528,7 @@ msgstr ""
"configuración de IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1749
+#: sssd.conf.5.xml:1801
msgid ""
"<quote>ad</quote> to load a list of subdomains from an Active Directory "
"server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> "
@@ -2450,18 +2537,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1810
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
"<quote>none</quote> deshabilita el buscador de subdominios explícitamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1769
+#: sssd.conf.5.xml:1821
msgid "autofs_provider (string)"
msgstr "autofs_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1772
+#: sssd.conf.5.xml:1824
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
@@ -2469,7 +2556,7 @@ msgstr ""
"son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1828
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2481,7 +2568,7 @@ msgstr ""
"LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1783
+#: sssd.conf.5.xml:1835
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2493,17 +2580,17 @@ msgstr ""
"IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1843
msgid "<quote>none</quote> disables autofs explicitly."
msgstr "<quote>none</quote> deshabilita autofs explícitamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1853
msgid "hostid_provider (string)"
msgstr "hostid_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1804
+#: sssd.conf.5.xml:1856
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
@@ -2512,7 +2599,7 @@ msgstr ""
"proveedores de hostid soportados son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1808
+#: sssd.conf.5.xml:1860
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2524,12 +2611,12 @@ msgstr ""
"configuración de IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1816
+#: sssd.conf.5.xml:1868
msgid "<quote>none</quote> disables hostid explicitly."
msgstr "<quote>none</quote> deshabilita hostid explícitamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1829
+#: sssd.conf.5.xml:1881
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components. The \"domain\" can "
@@ -2539,7 +2626,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1838
+#: sssd.conf.5.xml:1890
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -2552,22 +2639,22 @@ msgstr ""
"nombres de usuario:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1843
+#: sssd.conf.5.xml:1895
msgid "username"
msgstr "nombre de usuario"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1898
msgid "username@domain.name"
msgstr "username@domain.name"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1849
+#: sssd.conf.5.xml:1901
msgid "domain\\username"
msgstr "dominio/nombre_de_usuario"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1852
+#: sssd.conf.5.xml:1904
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
@@ -2577,7 +2664,7 @@ msgstr ""
"dominios Windows."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1857
+#: sssd.conf.5.xml:1909
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -2588,7 +2675,7 @@ msgstr ""
"el nombre, el dominio es el resto detrás de este signo\""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1863
+#: sssd.conf.5.xml:1915
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -2600,7 +2687,7 @@ msgstr ""
"subplantillas sin nombre único."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1870
+#: sssd.conf.5.xml:1922
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
@@ -2609,17 +2696,17 @@ msgstr ""
"soportan la sintaxis Python (?P&lt;name&gt;) para identificar subpatrones."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1917
+#: sssd.conf.5.xml:1969
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "Predeterminado: <quote>%1$s@%2$s</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1923
+#: sssd.conf.5.xml:1975
msgid "lookup_family_order (string)"
msgstr "lookup_family_order (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1926
+#: sssd.conf.5.xml:1978
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
@@ -2628,42 +2715,42 @@ msgstr ""
"a usar cuando se lleven a cabo búsquedas DNS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1930
+#: sssd.conf.5.xml:1982
msgid "Supported values:"
msgstr "Valores soportados:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1933
+#: sssd.conf.5.xml:1985
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr "ipv4_first: Intenta buscar dirección IPv4, si falla, intenta IPv6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1936
+#: sssd.conf.5.xml:1988
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr "ipv4_only: Sólo intenta resolver nombres de host a direccones IPv4."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1939
+#: sssd.conf.5.xml:1991
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr "ipv6_first: Intenta buscar dirección IPv6, si falla, intenta IPv4"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1942
+#: sssd.conf.5.xml:1994
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr "ipv6_only: Sólo intenta resolver nombres de host a direccones IPv6."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1945
+#: sssd.conf.5.xml:1997
msgid "Default: ipv4_first"
msgstr "Predeterminado: ipv4_first"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1951
+#: sssd.conf.5.xml:2003
msgid "dns_resolver_timeout (integer)"
msgstr "dns_resolver_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1954
+#: sssd.conf.5.xml:2006
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -2674,18 +2761,18 @@ msgstr ""
"espera, el dominio continuará operativo en modo fuera de línea."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1960 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
-#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:239
+#: sssd.conf.5.xml:2012 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
+#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:248
msgid "Default: 6"
msgstr "Predeterminado: 6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1966
+#: sssd.conf.5.xml:2018
msgid "dns_discovery_domain (string)"
msgstr "dns_discovery_domain (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1969
+#: sssd.conf.5.xml:2021
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
@@ -2694,53 +2781,53 @@ msgstr ""
"de dominio de la pregunta al descubridor de servicio DNS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1973
+#: sssd.conf.5.xml:2025
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
"Predeterminado: Utilizar la parte del dominio del nombre de host del equipo"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1979
+#: sssd.conf.5.xml:2031
msgid "override_gid (integer)"
msgstr "override_gid (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1982
+#: sssd.conf.5.xml:2034
msgid "Override the primary GID value with the one specified."
msgstr "Anula el valor primario GID con el especificado."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1988
+#: sssd.conf.5.xml:2040
msgid "case_sensitive (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1996
+#: sssd.conf.5.xml:2048
msgid "True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1999
+#: sssd.conf.5.xml:2051
msgid "Case sensitive. This value is invalid for AD provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2005
+#: sssd.conf.5.xml:2057
msgid "False"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2007
+#: sssd.conf.5.xml:2059
msgid "Case insensitive."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2011
+#: sssd.conf.5.xml:2063
msgid "Preserving"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2014
+#: sssd.conf.5.xml:2066
msgid ""
"Same as False (case insensitive), but does not lowercase names in the result "
"of NSS operations. Note that name aliases (and in case of services also "
@@ -2748,7 +2835,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1991
+#: sssd.conf.5.xml:2043
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider. Possible option values are: "
@@ -2756,17 +2843,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2026
+#: sssd.conf.5.xml:2078
msgid "Default: True (False for AD provider)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2032
+#: sssd.conf.5.xml:2084
msgid "proxy_fast_alias (boolean)"
msgstr "proxy_fast_alias (booleano)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2035
+#: sssd.conf.5.xml:2087
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2780,22 +2867,22 @@ msgstr ""
"razones de rendimiento."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2049
+#: sssd.conf.5.xml:2101
msgid "subdomain_homedir (string)"
msgstr "subdomain_homedir (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2060
+#: sssd.conf.5.xml:2112
msgid "%F"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2061
+#: sssd.conf.5.xml:2113
msgid "flat (NetBIOS) name of a subdomain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2052
+#: sssd.conf.5.xml:2104
msgid ""
"Use this homedir as default value for all subdomains within this domain in "
"IPA AD trust. See <emphasis>override_homedir</emphasis> for info about "
@@ -2805,7 +2892,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2066
+#: sssd.conf.5.xml:2118
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
@@ -2813,23 +2900,23 @@ msgstr ""
"emphasis>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2070
+#: sssd.conf.5.xml:2122
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr "Por defecto: <filename>/home/%d/%u</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2075
+#: sssd.conf.5.xml:2127
msgid "realmd_tags (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2078
+#: sssd.conf.5.xml:2130
msgid ""
"Various tags stored by the realmd configuration service for this domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1092
+#: sssd.conf.5.xml:1144
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2841,17 +2928,17 @@ msgstr ""
"id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2091
+#: sssd.conf.5.xml:2143
msgid "proxy_pam_target (string)"
msgstr "proxy_pam_target (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2094
+#: sssd.conf.5.xml:2146
msgid "The proxy target PAM proxies to."
msgstr "El proxy de destino PAM próximo a."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2097
+#: sssd.conf.5.xml:2149
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
@@ -2860,12 +2947,12 @@ msgstr ""
"pam existente o crear una nueva y añadir el nombre de servicio aquí."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2105
+#: sssd.conf.5.xml:2157
msgid "proxy_lib_name (string)"
msgstr "proxy_lib_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2108
+#: sssd.conf.5.xml:2160
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2876,7 +2963,7 @@ msgstr ""
"$(function), por ejemplo _nss_files_getpwent."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2087
+#: sssd.conf.5.xml:2139
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
@@ -2885,12 +2972,12 @@ msgstr ""
"\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:2120
+#: sssd.conf.5.xml:2172
msgid "The local domain section"
msgstr "La sección de dominio local"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:2122
+#: sssd.conf.5.xml:2174
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2901,29 +2988,29 @@ msgstr ""
"utiliza <replaceable>id_provider=local</replaceable>."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2129
+#: sssd.conf.5.xml:2181
msgid "default_shell (string)"
msgstr "default_shell (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2132
+#: sssd.conf.5.xml:2184
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
"El shell predeterminado para los usuarios creados con herramientas de "
"espacio de usuario SSSD."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2136
+#: sssd.conf.5.xml:2188
msgid "Default: <filename>/bin/bash</filename>"
msgstr "Predeterminado: <filename>/bin/bash</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2141
+#: sssd.conf.5.xml:2193
msgid "base_directory (string)"
msgstr "base_directory (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2144
+#: sssd.conf.5.xml:2196
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
@@ -2933,17 +3020,17 @@ msgstr ""
"de inicio."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2149
+#: sssd.conf.5.xml:2201
msgid "Default: <filename>/home</filename>"
msgstr "Predeterminado: <filename>/home</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2154
+#: sssd.conf.5.xml:2206
msgid "create_homedir (bool)"
msgstr "create_homedir (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2157
+#: sssd.conf.5.xml:2209
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
@@ -2952,17 +3039,17 @@ msgstr ""
"Puede ser anulado desde la línea de comando."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2173
+#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2225
msgid "Default: TRUE"
msgstr "Predeterminado: TRUE"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2166
+#: sssd.conf.5.xml:2218
msgid "remove_homedir (bool)"
msgstr "remove_homedir (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2169
+#: sssd.conf.5.xml:2221
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
@@ -2971,12 +3058,12 @@ msgstr ""
"borrados. Puede ser anulado desde la línea de comando."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2178
+#: sssd.conf.5.xml:2230
msgid "homedir_umask (integer)"
msgstr "homedir_umask (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2181
+#: sssd.conf.5.xml:2233
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2987,17 +3074,17 @@ msgstr ""
"predeterminados en un directorio de inicio recién creado."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2189
+#: sssd.conf.5.xml:2241
msgid "Default: 077"
msgstr "Predeterminado: 077"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2194
+#: sssd.conf.5.xml:2246
msgid "skel_dir (string)"
msgstr "skel_dir (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2197
+#: sssd.conf.5.xml:2249
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -3010,17 +3097,17 @@ msgstr ""
"<manvolnum>8</manvolnum></citerefentry>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2207
+#: sssd.conf.5.xml:2259
msgid "Default: <filename>/etc/skel</filename>"
msgstr "Predeterminado: <filename>/etc/skel</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2212
+#: sssd.conf.5.xml:2264
msgid "mail_dir (string)"
msgstr "mail_dir (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2215
+#: sssd.conf.5.xml:2267
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -3031,17 +3118,17 @@ msgstr ""
"Si no se especifica, se utiliza un valor por defecto."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2222
+#: sssd.conf.5.xml:2274
msgid "Default: <filename>/var/mail</filename>"
msgstr "Predeterminado: <filename>/var/mail</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2227
+#: sssd.conf.5.xml:2279
msgid "userdel_cmd (string)"
msgstr "userdel_cmd (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2230
+#: sssd.conf.5.xml:2282
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -3052,19 +3139,19 @@ msgstr ""
"único parámetro. El código de retorno del comando no es tenido en cuenta."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2236
+#: sssd.conf.5.xml:2288
msgid "Default: None, no command is run"
msgstr "Predeterminado: None, no se ejecuta comando"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:2246 sssd-ldap.5.xml:2518 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:519
+#: sssd.conf.5.xml:2298 sssd-ldap.5.xml:2569 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:564
#: sss_rpcidmapd.5.xml:98
msgid "EXAMPLE"
msgstr "EJEMPLO"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:2252
+#: sssd.conf.5.xml:2304
#, no-wrap
msgid ""
"[sssd]\n"
@@ -3118,7 +3205,7 @@ msgstr ""
"enumerate = False\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2248
+#: sssd.conf.5.xml:2300
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -4092,7 +4179,7 @@ msgstr "El atributo LDAP que corresponde al nombre completo del usuario."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:738 sssd-ldap.5.xml:831 sssd-ldap.5.xml:1058
-#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2102 sssd-ldap.5.xml:2441
+#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2153 sssd-ldap.5.xml:2492
#: sssd-ipa.5.xml:591
msgid "Default: cn"
msgstr "Predeterminado: cn"
@@ -4409,11 +4496,6 @@ msgstr ""
"Active Directory que puede acelerar las operaciones de inicio de grupo (más "
"notable cuando se trata con grupos complejos o profundamente anidados)."
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1017
-msgid "ldap_use_tokengroups"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1020
msgid ""
@@ -4677,7 +4759,7 @@ msgstr ""
"temprano (este valor contra el tiempo de vida TGT)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2259
+#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2310
msgid "Default: 900 (15 minutes)"
msgstr "Predeterminado: 900 (15 minutos)"
@@ -5221,7 +5303,7 @@ msgstr ""
"filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:453
+#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:462
msgid "krb5_canonicalize (boolean)"
msgstr "krb5_canonicalize (boolean)"
@@ -5235,12 +5317,12 @@ msgstr ""
"servidor LDAP. Esta función está disponible con MIT Kerberos >= 1.7"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:468
+#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:477
msgid "krb5_use_kdcinfo (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:471
+#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:480
msgid ""
"Specifies if the SSSD should instruct the Kerberos libraries what realm and "
"which KDCs to use. This option is on by default, if you disable it, you need "
@@ -5250,7 +5332,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:482
+#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:491
msgid ""
"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
@@ -5568,11 +5650,64 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1958
+msgid ""
+"<emphasis> Please note that this option is superseded by the <quote>ppolicy</"
+"quote> option and might be removed in a future release. </emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1965
+msgid ""
+"<emphasis>ppolicy</emphasis>: use account locking. If set, this option "
+"denies access in case that ldap attribute 'pwdAccountLockedTime' is present "
+"and has value of '000001010000Z' or represents any time in the past. The "
+"value of the 'pwdAccountLockedTime' attribute must end with 'Z', which "
+"denotes the UTC time zone. Other time zones are not currently supported and "
+"will result in \"access-denied\" when users attempt to log in. Please see "
+"the option ldap_pwdlockout_dn. Please note that 'access_provider = ldap' "
+"must be set for this feature to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1982
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr "<emphasis>caducar</emphasis>: utilizar ldap_account_expire_policy"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1962
+#: sssd-ldap.5.xml:1986
+msgid ""
+"<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, "
+"pwd_expire_policy_renew: </emphasis> These options are useful if users are "
+"interested in being warned that password is about to expire and "
+"authentication is based on using a different method than passwords - for "
+"example SSH keys."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1996
+msgid ""
+"The difference between these options is the action taken if user password is "
+"expired: pwd_expire_policy_reject - user is denied to log in, "
+"pwd_expire_policy_warn - user is still able to log in, "
+"pwd_expire_policy_renew - user is prompted to change his password "
+"immediately."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2004
+msgid ""
+"Note If user password is expired no explicit message is prompted by SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2008
+msgid ""
+"Please note that 'access_provider = ldap' must be set for this feature to "
+"work. Also 'ldap_pwd_policy' must be set to an appropriate password policy."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2013
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
@@ -5581,18 +5716,18 @@ msgstr ""
"autorizedService para determinar el acceso"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2018
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
"<emphasis>host</emphasis>: usa el atributo host para determinar el acceso"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1971
+#: sssd-ldap.5.xml:2022
msgid "Default: filter"
msgstr "Predeterminado: filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1974
+#: sssd-ldap.5.xml:2025
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
@@ -5601,12 +5736,12 @@ msgstr ""
"una vez."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1981
+#: sssd-ldap.5.xml:2032
msgid "ldap_pwdlockout_dn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2035
msgid ""
"This option specifies the DN of password policy entry on LDAP server. Please "
"note that absence of this option in sssd.conf in case of enabled account "
@@ -5615,22 +5750,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1992
+#: sssd-ldap.5.xml:2043
msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1995
+#: sssd-ldap.5.xml:2046
msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2001
+#: sssd-ldap.5.xml:2052
msgid "ldap_deref (string)"
msgstr "ldap_deref (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2004
+#: sssd-ldap.5.xml:2055
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
@@ -5639,13 +5774,13 @@ msgstr ""
"lleva a cabo una búsqueda. Están permitidas las siguientes opciones:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2009
+#: sssd-ldap.5.xml:2060
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
"<emphasis>never</emphasis>: Nunca serán eliminadas las referencias al alias."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013
+#: sssd-ldap.5.xml:2064
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
@@ -5655,7 +5790,7 @@ msgstr ""
"búsqueda."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018
+#: sssd-ldap.5.xml:2069
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
@@ -5664,7 +5799,7 @@ msgstr ""
"cuando se localice el objeto base de la búsqueda."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2023
+#: sssd-ldap.5.xml:2074
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
@@ -5673,7 +5808,7 @@ msgstr ""
"para la búsqueda como en la localización del objeto base de la búsqueda."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2028
+#: sssd-ldap.5.xml:2079
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
@@ -5682,12 +5817,12 @@ msgstr ""
"librerías cliente LDAP)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2036
+#: sssd-ldap.5.xml:2087
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr "ldap_rfc2307_fallback_to_local_users (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2039
+#: sssd-ldap.5.xml:2090
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
@@ -5696,7 +5831,7 @@ msgstr ""
"servidores que usan el esquema RFC2307."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2094
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -5714,7 +5849,7 @@ msgstr ""
"llamadas getpw*() o initgroups()."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2054
+#: sssd-ldap.5.xml:2105
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -5740,12 +5875,12 @@ msgstr ""
"completos. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2070
+#: sssd-ldap.5.xml:2121
msgid "SUDO OPTIONS"
msgstr "OPCIONES SUDO"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2123
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -5753,52 +5888,52 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2083
+#: sssd-ldap.5.xml:2134
msgid "ldap_sudorule_object_class (string)"
msgstr "ldap_sudorule_object_class (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2086
+#: sssd-ldap.5.xml:2137
msgid "The object class of a sudo rule entry in LDAP."
msgstr "El objeto clase de una regla de entrada sudo en LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2089
+#: sssd-ldap.5.xml:2140
msgid "Default: sudoRole"
msgstr "Por defecto: sudoRole"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2095
+#: sssd-ldap.5.xml:2146
msgid "ldap_sudorule_name (string)"
msgstr "ldap_sudorule_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2098
+#: sssd-ldap.5.xml:2149
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr "El atributo LDAP que corresponde a la regla nombre de sudo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2108
+#: sssd-ldap.5.xml:2159
msgid "ldap_sudorule_command (string)"
msgstr "ldap_sudorule_command (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2111
+#: sssd-ldap.5.xml:2162
msgid "The LDAP attribute that corresponds to the command name."
msgstr "El atributo LDAP que corresponde al nombre de comando."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2166
msgid "Default: sudoCommand"
msgstr "Por defecto: sudoCommand"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2172
msgid "ldap_sudorule_host (string)"
msgstr "ldap_sudorule_host (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2124
+#: sssd-ldap.5.xml:2175
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
@@ -5807,17 +5942,17 @@ msgstr ""
"red IP del host o grupo de red del host)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2129
+#: sssd-ldap.5.xml:2180
msgid "Default: sudoHost"
msgstr "Por defecto: sudoHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2186
msgid "ldap_sudorule_user (string)"
msgstr "ldap_sudorule_user (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2138
+#: sssd-ldap.5.xml:2189
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
@@ -5826,32 +5961,32 @@ msgstr ""
"grupo o grupo de red del usuario)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2193
msgid "Default: sudoUser"
msgstr "Por defecto: sudoUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2148
+#: sssd-ldap.5.xml:2199
msgid "ldap_sudorule_option (string)"
msgstr "ldap_sudorule_option (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2202
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr "El atributo LDAP que corresponde a las opciones sudo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2155
+#: sssd-ldap.5.xml:2206
msgid "Default: sudoOption"
msgstr "Por defecto: sudoOption"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2161
+#: sssd-ldap.5.xml:2212
msgid "ldap_sudorule_runasuser (string)"
msgstr "ldap_sudorule_runasuser (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2215
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
@@ -5860,17 +5995,17 @@ msgstr ""
"pueden ejecutar como."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2168
+#: sssd-ldap.5.xml:2219
msgid "Default: sudoRunAsUser"
msgstr "Por defectot: sudoRunAsUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2174
+#: sssd-ldap.5.xml:2225
msgid "ldap_sudorule_runasgroup (string)"
msgstr "ldap_sudorule_runasgroup (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2228
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
@@ -5879,17 +6014,17 @@ msgstr ""
"ejecutar comandos como."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2181
+#: sssd-ldap.5.xml:2232
msgid "Default: sudoRunAsGroup"
msgstr "Por defecto: sudoRunAsGroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2187
+#: sssd-ldap.5.xml:2238
msgid "ldap_sudorule_notbefore (string)"
msgstr "ldap_sudorule_notbefore (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2241
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
@@ -5898,17 +6033,17 @@ msgstr ""
"regla sudo es válida."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194
+#: sssd-ldap.5.xml:2245
msgid "Default: sudoNotBefore"
msgstr "Por defecto: sudoNotBefore"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2200
+#: sssd-ldap.5.xml:2251
msgid "ldap_sudorule_notafter (string)"
msgstr "ldap_sudorule_notafter (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2203
+#: sssd-ldap.5.xml:2254
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
@@ -5917,32 +6052,32 @@ msgstr ""
"la regla sudo dejará de ser válida."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2259
msgid "Default: sudoNotAfter"
msgstr "Por defecto: sudoNotAfter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2214
+#: sssd-ldap.5.xml:2265
msgid "ldap_sudorule_order (string)"
msgstr "ldap_sudorule_order (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2217
+#: sssd-ldap.5.xml:2268
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr "El atributo LDAP que corresponde al índice de ordenación de la regla."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2221
+#: sssd-ldap.5.xml:2272
msgid "Default: sudoOrder"
msgstr "Por defecto: sudoOrder"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2227
+#: sssd-ldap.5.xml:2278
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr "ldap_sudo_full_refresh_interval (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2230
+#: sssd-ldap.5.xml:2281
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
@@ -5952,7 +6087,7 @@ msgstr ""
"servidor)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2235
+#: sssd-ldap.5.xml:2286
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
@@ -5961,17 +6096,17 @@ msgstr ""
"emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2240
+#: sssd-ldap.5.xml:2291
msgid "Default: 21600 (6 hours)"
msgstr "Por defecto: 21600 (6 horas)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2246
+#: sssd-ldap.5.xml:2297
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr "ldap_sudo_smart_refresh_interval (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2249
+#: sssd-ldap.5.xml:2300
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -5982,7 +6117,7 @@ msgstr ""
"USBN más alto que el USN más alto de las reglas escondidas)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2255
+#: sssd-ldap.5.xml:2306
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
@@ -5991,12 +6126,12 @@ msgstr ""
"atributo modifyTimestamp."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2265
+#: sssd-ldap.5.xml:2316
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr "ldap_sudo_use_host_filter (booleano)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2268
+#: sssd-ldap.5.xml:2319
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
@@ -6005,12 +6140,12 @@ msgstr ""
"máquina (usando las direcciones de host/red y nombres de host IPv4 o IPv6)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2279
+#: sssd-ldap.5.xml:2330
msgid "ldap_sudo_hostnames (string)"
msgstr "ldap_sudo_hostnames (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2333
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
@@ -6019,7 +6154,7 @@ msgstr ""
"totalmente cualificados que sería usada para filtrar las reglas."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2287
+#: sssd-ldap.5.xml:2338
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
@@ -6028,8 +6163,8 @@ msgstr ""
"nombre de dominio totalmente cualificado automáticamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2292 sssd-ldap.5.xml:2315 sssd-ldap.5.xml:2333
-#: sssd-ldap.5.xml:2351
+#: sssd-ldap.5.xml:2343 sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2402
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
@@ -6038,17 +6173,17 @@ msgstr ""
"emphasis> esta opción no tiene efecto."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2320
+#: sssd-ldap.5.xml:2348 sssd-ldap.5.xml:2371
msgid "Default: not specified"
msgstr "Por defecto: no especificado"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2303
+#: sssd-ldap.5.xml:2354
msgid "ldap_sudo_ip (string)"
msgstr "ldap_sudo_ip (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2306
+#: sssd-ldap.5.xml:2357
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
@@ -6057,7 +6192,7 @@ msgstr ""
"usada para filtrar las reglas."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2311
+#: sssd-ldap.5.xml:2362
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
@@ -6066,12 +6201,12 @@ msgstr ""
"automáticamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2326
+#: sssd-ldap.5.xml:2377
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr "sudo_include_netgroups (booleano)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2329
+#: sssd-ldap.5.xml:2380
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
@@ -6080,12 +6215,12 @@ msgstr ""
"atributo sudoHost."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2344
+#: sssd-ldap.5.xml:2395
msgid "ldap_sudo_include_regexp (boolean)"
msgstr "ldap_sudo_include_regexp (booleano)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2347
+#: sssd-ldap.5.xml:2398
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
@@ -6094,7 +6229,7 @@ msgstr ""
"atributo sudoHost."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2363
+#: sssd-ldap.5.xml:2414
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -6107,12 +6242,12 @@ msgstr ""
"manvolnum> </citerefentry>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2373
+#: sssd-ldap.5.xml:2424
msgid "AUTOFS OPTIONS"
msgstr "OPCIONES AUTOFS"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2375
+#: sssd-ldap.5.xml:2426
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
@@ -6121,62 +6256,62 @@ msgstr ""
"defecto del RFC2307."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2381
+#: sssd-ldap.5.xml:2432
msgid "ldap_autofs_map_master_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2435
msgid "The name of the automount master map in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2387
+#: sssd-ldap.5.xml:2438
msgid "Default: auto.master"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2394
+#: sssd-ldap.5.xml:2445
msgid "ldap_autofs_map_object_class (string)"
msgstr "ldap_autofs_map_object_class (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2397 sssd-ldap.5.xml:2423
+#: sssd-ldap.5.xml:2448 sssd-ldap.5.xml:2474
msgid "The object class of an automount map entry in LDAP."
msgstr "El objeto clase de una entrada de mapa de automontaje en LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2400 sssd-ldap.5.xml:2427
+#: sssd-ldap.5.xml:2451 sssd-ldap.5.xml:2478
msgid "Default: automountMap"
msgstr "Por defecto: automountMap"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2407
+#: sssd-ldap.5.xml:2458
msgid "ldap_autofs_map_name (string)"
msgstr "ldap_autofs_map_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2410
+#: sssd-ldap.5.xml:2461
msgid "The name of an automount map entry in LDAP."
msgstr "El nombre de una entrada de mapa de automontaje en LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2413
+#: sssd-ldap.5.xml:2464
msgid "Default: ou"
msgstr "Por defecto: ou"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2420
+#: sssd-ldap.5.xml:2471
msgid "ldap_autofs_entry_object_class (string)"
msgstr "ldap_autofs_entry_object_class (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2434
+#: sssd-ldap.5.xml:2485
msgid "ldap_autofs_entry_key (string)"
msgstr "ldap_autofs_entry_key (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2437 sssd-ldap.5.xml:2451
+#: sssd-ldap.5.xml:2488 sssd-ldap.5.xml:2502
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
@@ -6185,17 +6320,17 @@ msgstr ""
"normalmente a un punto de montaje."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2448
+#: sssd-ldap.5.xml:2499
msgid "ldap_autofs_entry_value (string)"
msgstr "ldap_autofs_entry_value (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2455
+#: sssd-ldap.5.xml:2506
msgid "Default: automountInformation"
msgstr "Por defecto: automountInformation"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2379
+#: sssd-ldap.5.xml:2430
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -6204,32 +6339,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2465
+#: sssd-ldap.5.xml:2516
msgid "ADVANCED OPTIONS"
msgstr "OPCIONES AVANZADAS"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2472
+#: sssd-ldap.5.xml:2523
msgid "ldap_netgroup_search_base (string)"
msgstr "ldap_netgroup_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2477
+#: sssd-ldap.5.xml:2528
msgid "ldap_user_search_base (string)"
msgstr "ldap_user_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2482
+#: sssd-ldap.5.xml:2533
msgid "ldap_group_search_base (string)"
msgstr "ldap_group_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note>
-#: sssd-ldap.5.xml:2487
+#: sssd-ldap.5.xml:2538
msgid "<note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para>
-#: sssd-ldap.5.xml:2489
+#: sssd-ldap.5.xml:2540
msgid ""
"If the option <quote>ldap_use_tokengroups</quote> is enabled. The searches "
"against Active Directory will not be restricted and return all groups "
@@ -6238,22 +6373,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist>
-#: sssd-ldap.5.xml:2496
+#: sssd-ldap.5.xml:2547
msgid "</note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2498
+#: sssd-ldap.5.xml:2549
msgid "ldap_sudo_search_base (string)"
msgstr "ldap_sudo_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2503
+#: sssd-ldap.5.xml:2554
msgid "ldap_autofs_search_base (string)"
msgstr "ldap_autofs_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2467
+#: sssd-ldap.5.xml:2518
#, fuzzy
#| msgid ""
#| "These options are supported by LDAP domains, but they should be used with "
@@ -6271,7 +6406,7 @@ msgstr ""
">"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2520
+#: sssd-ldap.5.xml:2571
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -6282,7 +6417,7 @@ msgstr ""
"replaceable>."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2526
+#: sssd-ldap.5.xml:2577
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -6302,19 +6437,19 @@ msgstr ""
" cache_credentials = true\n"
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2525 sssd-ldap.5.xml:2543 sssd-simple.5.xml:139
+#: sssd-ldap.5.xml:2576 sssd-ldap.5.xml:2594 sssd-simple.5.xml:139
#: sssd-ipa.5.xml:726 sssd-ad.5.xml:851 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98
-#: sssd-krb5.5.xml:528 include/ldap_id_mapping.xml:105
+#: sssd-krb5.5.xml:573 include/ldap_id_mapping.xml:105
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "<placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2537
+#: sssd-ldap.5.xml:2588
msgid "LDAP ACCESS FILTER EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2539
+#: sssd-ldap.5.xml:2590
#, fuzzy
#| msgid ""
#| "The following example assumes that SSSD is correctly configured and LDAP "
@@ -6329,7 +6464,7 @@ msgstr ""
"replaceable>."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2544
+#: sssd-ldap.5.xml:2595
#, fuzzy, no-wrap
#| msgid ""
#| " [domain/LDAP]\n"
@@ -6360,13 +6495,13 @@ msgstr ""
" cache_credentials = true\n"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2559 sssd_krb5_locator_plugin.8.xml:61
+#: sssd-ldap.5.xml:2610 sssd_krb5_locator_plugin.8.xml:61
#: sssd-simple.5.xml:148 sssd-ad.5.xml:866 sssd.8.xml:195 sss_seed.8.xml:163
msgid "NOTES"
msgstr "NOTAS"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2561
+#: sssd-ldap.5.xml:2612
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -7265,7 +7400,7 @@ msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:245
+#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:254
msgid "krb5_validate (boolean)"
msgstr "krb5_validate (boolean)"
@@ -7316,12 +7451,12 @@ msgstr ""
"está disponible con MIT Kerberos >= 1.7"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:407
+#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:416
msgid "krb5_use_fast (string)"
msgstr "krb5_use_fast (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:410
+#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:419
msgid ""
"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
"authentication. The following options are supported:"
@@ -7343,7 +7478,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:424
+#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:433
msgid ""
"<emphasis>demand</emphasis> to use FAST. The authentication fails if the "
"server does not require fast."
@@ -7355,7 +7490,7 @@ msgid "Default: try"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:435
+#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:444
msgid ""
"NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If "
"SSSD is used with an older version of MIT Kerberos, using this option is a "
@@ -8504,12 +8639,12 @@ msgid "Default: True"
msgstr "Predeterminado: True"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:797 sssd-krb5.5.xml:496
+#: sssd-ad.5.xml:797 sssd-krb5.5.xml:505
msgid "krb5_use_enterprise_principal (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:800 sssd-krb5.5.xml:499
+#: sssd-ad.5.xml:800 sssd-krb5.5.xml:508
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
@@ -9675,16 +9810,32 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:225
+#, fuzzy
+#| msgid ""
+#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the "
+#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+#| "manvolnum> </citerefentry> manual page for more details."
+msgid ""
+"NOTE: Please be aware that libkrb5 ccache expansion template from "
+"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> uses different expansion sequences than SSSD."
+msgstr ""
+"Por favor vea el parámetro <quote>dns_discovery_domain</quote> en la página "
+"de manual <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> para más detalles."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:234
msgid "Default: (from libkrb5)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:231
+#: sssd-krb5.5.xml:240
msgid "krb5_auth_timeout (integer)"
msgstr "krb5_auth_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:234
+#: sssd-krb5.5.xml:243
msgid ""
"Timeout in seconds after an online authentication request or change password "
"request is aborted. If possible, the authentication request is continued "
@@ -9692,7 +9843,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:248
+#: sssd-krb5.5.xml:257
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed. The keytab is checked for entries sequentially, and the first entry "
@@ -9703,12 +9854,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:263
+#: sssd-krb5.5.xml:272
msgid "krb5_keytab (string)"
msgstr "krb5_keytab (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:275
msgid ""
"The location of the keytab to use when validating credentials obtained from "
"KDCs."
@@ -9717,24 +9868,24 @@ msgstr ""
"validadas desde KDCs."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:270
+#: sssd-krb5.5.xml:279
msgid "Default: /etc/krb5.keytab"
msgstr "Predeterminado: /etc/krb5.keytab"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:276
+#: sssd-krb5.5.xml:285
msgid "krb5_store_password_if_offline (boolean)"
msgstr "krb5_store_password_if_offline (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:279
+#: sssd-krb5.5.xml:288
msgid ""
"Store the password of the user if the provider is offline and use it to "
"request a TGT when the provider comes online again."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:284
+#: sssd-krb5.5.xml:293
msgid ""
"NOTE: this feature is only available on Linux. Passwords stored in this way "
"are kept in plaintext in the kernel keyring and are potentially accessible "
@@ -9742,80 +9893,80 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:297
+#: sssd-krb5.5.xml:306
msgid "krb5_renewable_lifetime (string)"
msgstr "krb5_renewable_lifetime (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:300
+#: sssd-krb5.5.xml:309
msgid ""
"Request a renewable ticket with a total lifetime, given as an integer "
"immediately followed by a time unit:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:305 sssd-krb5.5.xml:339 sssd-krb5.5.xml:376
+#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
msgid "<emphasis>s</emphasis> for seconds"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:308 sssd-krb5.5.xml:342 sssd-krb5.5.xml:379
+#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:351 sssd-krb5.5.xml:388
msgid "<emphasis>m</emphasis> for minutes"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:311 sssd-krb5.5.xml:345 sssd-krb5.5.xml:382
+#: sssd-krb5.5.xml:320 sssd-krb5.5.xml:354 sssd-krb5.5.xml:391
msgid "<emphasis>h</emphasis> for hours"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
+#: sssd-krb5.5.xml:323 sssd-krb5.5.xml:357 sssd-krb5.5.xml:394
msgid "<emphasis>d</emphasis> for days."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:388
+#: sssd-krb5.5.xml:326 sssd-krb5.5.xml:397
msgid "If there is no unit given, <emphasis>s</emphasis> is assumed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:321 sssd-krb5.5.xml:392
+#: sssd-krb5.5.xml:330 sssd-krb5.5.xml:401
msgid ""
"NOTE: It is not possible to mix units. To set the renewable lifetime to one "
"and a half hours, use '90m' instead of '1h30m'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:326
+#: sssd-krb5.5.xml:335
msgid "Default: not set, i.e. the TGT is not renewable"
msgstr "Por defecto: no fijado, esto es el TGT no es renovable"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:332
+#: sssd-krb5.5.xml:341
msgid "krb5_lifetime (string)"
msgstr "krb5_lifetime (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:335
+#: sssd-krb5.5.xml:344
msgid ""
"Request ticket with a lifetime, given as an integer immediately followed by "
"a time unit:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:351
+#: sssd-krb5.5.xml:360
msgid "If there is no unit given <emphasis>s</emphasis> is assumed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:355
+#: sssd-krb5.5.xml:364
msgid ""
"NOTE: It is not possible to mix units. To set the lifetime to one and a "
"half hours please use '90m' instead of '1h30m'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:360
+#: sssd-krb5.5.xml:369
msgid ""
"Default: not set, i.e. the default ticket lifetime configured on the KDC."
msgstr ""
@@ -9823,12 +9974,12 @@ msgstr ""
"configurado en el KDC."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:367
+#: sssd-krb5.5.xml:376
msgid "krb5_renew_interval (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:370
+#: sssd-krb5.5.xml:379
msgid ""
"The time in seconds between two checks if the TGT should be renewed. TGTs "
"are renewed if about half of their lifetime is exceeded, given as an integer "
@@ -9836,56 +9987,91 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:397
+#: sssd-krb5.5.xml:406
msgid "If this option is not set or is 0 the automatic renewal is disabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:415
+#: sssd-krb5.5.xml:424
msgid ""
"<emphasis>never</emphasis> use FAST. This is equivalent to not setting this "
"option at all."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:419
+#: sssd-krb5.5.xml:428
msgid ""
"<emphasis>try</emphasis> to use FAST. If the server does not support FAST, "
"continue the authentication without it."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:429
+#: sssd-krb5.5.xml:438
msgid "Default: not set, i.e. FAST is not used."
msgstr "Por defecto: no fijado, esto es no se usa FAST."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:432
+#: sssd-krb5.5.xml:441
msgid "NOTE: a keytab is required to use FAST."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:444
+#: sssd-krb5.5.xml:453
msgid "krb5_fast_principal (string)"
msgstr "krb5_fast_principal (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:447
+#: sssd-krb5.5.xml:456
msgid "Specifies the server principal to use for FAST."
msgstr "Especifica el servidor principal para usar por FAST."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:456
+#: sssd-krb5.5.xml:465
msgid ""
"Specifies if the host and user principal should be canonicalized. This "
"feature is available with MIT Kerberos 1.7 and later versions."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:505
+#: sssd-krb5.5.xml:514
msgid "Default: false (AD provider: true)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:520
+#, fuzzy
+#| msgid "krb5_use_fast (string)"
+msgid "krb5_map_user (string)"
+msgstr "krb5_use_fast (cadena)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:523
+msgid ""
+"The list of mappings is given as a comma-separated list of pairs "
+"<quote>username:primary</quote> where <quote>username</quote> is a UNIX user "
+"name and <quote>primary</quote> is a user part of a kerberos principal. This "
+"mapping is used when user is authenticating using <quote>auth_provider = "
+"krb5</quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-krb5.5.xml:535
+#, no-wrap
+msgid ""
+"krb5_realm = REALM\n"
+"krb5_map_user = joe:juser,dick:richard\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:540
+msgid ""
+"<quote>joe</quote> and <quote>dick</quote> are UNIX user names and "
+"<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos "
+"principals. For user <quote>joe</quote> resp. <quote>dick</quote> SSSD will "
+"try to kinit as <quote>juser@REALM</quote> resp. <quote>richard@REALM</"
+"quote>."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:65
msgid ""
@@ -9897,7 +10083,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:521
+#: sssd-krb5.5.xml:566
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -9906,7 +10092,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:529
+#: sssd-krb5.5.xml:574
#, no-wrap
msgid ""
" [domain/FOO]\n"
diff --git a/src/man/po/eu.po b/src/man/po/eu.po
index 8b611f094..7a60be3b3 100644
--- a/src/man/po/eu.po
+++ b/src/man/po/eu.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sssd-docs 1.12.2\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2015-02-18 16:52+0100\n"
+"POT-Creation-Date: 2015-06-12 10:36+0200\n"
"PO-Revision-Date: 2014-06-04 02:04-0400\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Basque (http://www.transifex.com/projects/p/sssd/language/"
@@ -17,7 +17,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#. type: Content of: <reference><title>
#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5
@@ -224,11 +224,11 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:81 sssd.conf.5.xml:571 sssd.conf.5.xml:1014
+#: sssd.conf.5.xml:81 sssd.conf.5.xml:602 sssd.conf.5.xml:1066
#: sssd-ldap.5.xml:1625 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1784
-#: sssd-ldap.5.xml:2273 sssd-ldap.5.xml:2338 sssd-ldap.5.xml:2356
+#: sssd-ldap.5.xml:2324 sssd-ldap.5.xml:2389 sssd-ldap.5.xml:2407
#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:413 sssd-ad.5.xml:166 sssd-ad.5.xml:264
-#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:490
+#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:499
msgid "Default: true"
msgstr ""
@@ -245,16 +245,16 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:94 sssd.conf.5.xml:968 sssd.conf.5.xml:2043
+#: sssd.conf.5.xml:94 sssd.conf.5.xml:1020 sssd.conf.5.xml:2095
#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1499 sssd-ldap.5.xml:1518
-#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2060 sssd-ipa.5.xml:139
-#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:257
-#: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462
+#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2111 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471
msgid "Default: false"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2081
+#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2132
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
@@ -291,7 +291,7 @@ msgid "The [sssd] section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:137 sssd.conf.5.xml:2127
+#: sssd.conf.5.xml:137 sssd.conf.5.xml:2179
msgid "Section parameters"
msgstr ""
@@ -360,7 +360,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:193 sssd.conf.5.xml:1826
+#: sssd.conf.5.xml:193 sssd.conf.5.xml:1878
msgid "re_expression (string)"
msgstr ""
@@ -380,12 +380,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:210 sssd.conf.5.xml:1877
+#: sssd.conf.5.xml:210 sssd.conf.5.xml:1929
msgid "full_name_format (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:213 sssd.conf.5.xml:1880
+#: sssd.conf.5.xml:213 sssd.conf.5.xml:1932
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to compose a "
@@ -393,39 +393,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:224 sssd.conf.5.xml:1891
+#: sssd.conf.5.xml:224 sssd.conf.5.xml:1943
msgid "%1$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225 sssd.conf.5.xml:1892
+#: sssd.conf.5.xml:225 sssd.conf.5.xml:1944
msgid "user name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:228 sssd.conf.5.xml:1895
+#: sssd.conf.5.xml:228 sssd.conf.5.xml:1947
msgid "%2$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:231 sssd.conf.5.xml:1898
+#: sssd.conf.5.xml:231 sssd.conf.5.xml:1950
msgid "domain name as specified in the SSSD config file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:237 sssd.conf.5.xml:1904
+#: sssd.conf.5.xml:237 sssd.conf.5.xml:1956
msgid "%3$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:240 sssd.conf.5.xml:1907
+#: sssd.conf.5.xml:240 sssd.conf.5.xml:1959
msgid ""
"domain flat name. Mostly usable for Active Directory domains, both directly "
"configured or discovered via IPA trusts."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221 sssd.conf.5.xml:1888
+#: sssd.conf.5.xml:221 sssd.conf.5.xml:1940
msgid ""
"The following expansions are supported: <placeholder type=\"variablelist\" "
"id=\"0\"/>"
@@ -542,8 +542,8 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:336 sssd-ldap.5.xml:663 sssd-ldap.5.xml:1458
#: sssd-ldap.5.xml:1470 sssd-ldap.5.xml:1552 sssd-ad.5.xml:557
-#: sssd-ad.5.xml:627 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203
-#: include/ldap_id_mapping.xml:214
+#: sssd-ad.5.xml:627 sssd-krb5.5.xml:410 sssd-krb5.5.xml:550
+#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214
msgid "Default: not set"
msgstr ""
@@ -646,18 +646,18 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:427 sssd.conf.5.xml:443 sssd.conf.5.xml:475
-#: sssd.conf.5.xml:702 sssd.conf.5.xml:888 sssd.conf.5.xml:1209
+#: sssd.conf.5.xml:733 sssd.conf.5.xml:919 sssd.conf.5.xml:1261
#: sssd-ldap.5.xml:1200
msgid "Default: 60"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:432 sssd.conf.5.xml:1198
+#: sssd.conf.5.xml:432 sssd.conf.5.xml:1250
msgid "force_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:435 sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:435 sssd.conf.5.xml:1253
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -704,41 +704,93 @@ msgid ""
"will be forced to one hour."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:480
+msgid "subdomain_inherit (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:483
+msgid ""
+"Specifies a list of configuration parameters that should be inherited by a "
+"subdomain. Please note that only selected parameters can be inherited. "
+"Currently the following options can be inherited:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:489
+msgid "ignore_group_members"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:492
+msgid "ldap_purge_cache_timeout"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:495 sssd-ldap.5.xml:1017
+msgid "ldap_use_tokengroups"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:498
+msgid "ldap_user_principal"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:503
+#, no-wrap
+msgid ""
+"subdomain_inherit = ldap_purge_cache_timeout\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:501
+msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:507 sssd.conf.5.xml:963 sssd.conf.5.xml:984
+#: sssd.conf.5.xml:1244 sssd-ldap.5.xml:1753
+msgid "Default: none"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:484
+#: sssd.conf.5.xml:515
msgid "NSS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:486
+#: sssd.conf.5.xml:517
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:491
+#: sssd.conf.5.xml:522
msgid "enum_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:494
+#: sssd.conf.5.xml:525
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:498
+#: sssd.conf.5.xml:529
msgid "Default: 120"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:503
+#: sssd.conf.5.xml:534
msgid "entry_cache_nowait_percentage (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:506
+#: sssd.conf.5.xml:537
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -746,7 +798,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:512
+#: sssd.conf.5.xml:543
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -756,7 +808,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:553
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -765,17 +817,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:561
msgid "Default: 50"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:535
+#: sssd.conf.5.xml:566
msgid "entry_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:538
+#: sssd.conf.5.xml:569
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -783,17 +835,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:544 sssd.conf.5.xml:992
+#: sssd.conf.5.xml:575 sssd.conf.5.xml:1044
msgid "Default: 15"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:549
+#: sssd.conf.5.xml:580
msgid "filter_users, filter_groups (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:552
+#: sssd.conf.5.xml:583
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -802,41 +854,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:559
+#: sssd.conf.5.xml:590
msgid "Default: root"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:564
+#: sssd.conf.5.xml:595
msgid "filter_users_in_groups (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:598
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:609
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:612
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586
+#: sssd.conf.5.xml:617
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:592
+#: sssd.conf.5.xml:623
#, no-wrap
msgid ""
"fallback_homedir = /home/%u\n"
@@ -844,22 +896,23 @@ msgid ""
msgstr ""
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:590 include/override_homedir.xml:55
+#: sssd.conf.5.xml:621 sssd.conf.5.xml:978 sssd-krb5.5.xml:533
+#: include/override_homedir.xml:55
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596
+#: sssd.conf.5.xml:627
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:633
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:636
msgid ""
"Override the login shell for all users. This option supersedes any other "
"shell options if it takes effect and can be set either in the [nss] section "
@@ -867,47 +920,47 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:611
+#: sssd.conf.5.xml:642
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:617
+#: sssd.conf.5.xml:648
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:620
+#: sssd.conf.5.xml:651
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:654
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:627
+#: sssd.conf.5.xml:658
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:632
+#: sssd.conf.5.xml:663
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:637
+#: sssd.conf.5.xml:668
msgid "The wildcard (*) can be used to allow any shell."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:640
+#: sssd.conf.5.xml:671
msgid ""
"The (*) is useful if you want to use shell_fallback in case that user's "
"shell is not in <quote>/etc/shells</quote> and maintaining list of all "
@@ -915,103 +968,103 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:647
+#: sssd.conf.5.xml:678
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:650
+#: sssd.conf.5.xml:681
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:654
+#: sssd.conf.5.xml:685
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:659
+#: sssd.conf.5.xml:690
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:662
+#: sssd.conf.5.xml:693
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:667
+#: sssd.conf.5.xml:698
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:670
+#: sssd.conf.5.xml:701
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:705
msgid "Default: /bin/sh"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:679
+#: sssd.conf.5.xml:710
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:682
+#: sssd.conf.5.xml:713
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option can be specified globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:719
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:695 sssd.conf.5.xml:881
+#: sssd.conf.5.xml:726 sssd.conf.5.xml:912
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:698 sssd.conf.5.xml:884
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:915
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:707
+#: sssd.conf.5.xml:738
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710
+#: sssd.conf.5.xml:741
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:714 sssd-ldap.5.xml:706
+#: sssd.conf.5.xml:745 sssd-ldap.5.xml:706
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:719 sssd-ifp.5.xml:74
+#: sssd.conf.5.xml:750 sssd-ifp.5.xml:74
msgid "user_attributes (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:722
+#: sssd.conf.5.xml:753
msgid ""
"Some of the additional NSS responder requests can return more attributes "
"than just the POSIX ones defined by the NSS interface. The list of "
@@ -1022,72 +1075,72 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:735
+#: sssd.conf.5.xml:766
msgid ""
"To make configuration more easy the NSS responder will check the InfoPipe "
"option if it is not set for the NSS responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:740
+#: sssd.conf.5.xml:771
msgid "Default: not set, fallback to InfoPipe option"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:747
+#: sssd.conf.5.xml:778
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:749
+#: sssd.conf.5.xml:780
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:785
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:757
+#: sssd.conf.5.xml:788
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:762 sssd.conf.5.xml:775
+#: sssd.conf.5.xml:793 sssd.conf.5.xml:806
msgid "Default: 0 (No limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:768
+#: sssd.conf.5.xml:799
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:771
+#: sssd.conf.5.xml:802
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:781
+#: sssd.conf.5.xml:812
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:784
+#: sssd.conf.5.xml:815
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:789
+#: sssd.conf.5.xml:820
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -1095,59 +1148,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:795 sssd.conf.5.xml:848
+#: sssd.conf.5.xml:826 sssd.conf.5.xml:879
msgid "Default: 5"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:832
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:835
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:809
+#: sssd.conf.5.xml:840
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:843
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:815
+#: sssd.conf.5.xml:846
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
+#: sssd.conf.5.xml:850
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:822
+#: sssd.conf.5.xml:853
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:826 sssd.8.xml:63
+#: sssd.conf.5.xml:857 sssd.8.xml:63
msgid "Default: 1"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:831
+#: sssd.conf.5.xml:862
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:865
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1155,7 +1208,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:840
+#: sssd.conf.5.xml:871
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1164,17 +1217,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:854
+#: sssd.conf.5.xml:885
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:857 sssd.conf.5.xml:1390
+#: sssd.conf.5.xml:888 sssd.conf.5.xml:1442
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:860
+#: sssd.conf.5.xml:891
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1182,31 +1235,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:866 sssd.conf.5.xml:1393
+#: sssd.conf.5.xml:897 sssd.conf.5.xml:1445
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:871
+#: sssd.conf.5.xml:902
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876 sssd.8.xml:79
+#: sssd.conf.5.xml:907 sssd.8.xml:79
msgid "Default: 0"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:893
+#: sssd.conf.5.xml:924
msgid "pam_trusted_users (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:896
+#: sssd.conf.5.xml:927
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAM responder. User names are resolved to UIDs at "
@@ -1214,59 +1267,75 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:902
+#: sssd.conf.5.xml:933
msgid "Default: all (All users are allowed to access the PAM responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:906
+#: sssd.conf.5.xml:937
msgid ""
"Please note that UID 0 is always allowed to access the PAM responder even in "
"case it is not in the pam_trusted_users list."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:913
+#: sssd.conf.5.xml:944
msgid "pam_public_domains (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:947
msgid ""
"Specifies the comma-separated list of domain names that are accessible even "
"to untrusted users."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:920
+#: sssd.conf.5.xml:951
msgid "Two special values for pam_public_domains option are defined:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:955
msgid ""
"all (Untrusted users are allowed to access all domains in PAM responder.)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:959
msgid ""
"none (Untrusted users are not allowed to access any domains PAM in "
"responder.)"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:932 sssd.conf.5.xml:1192 sssd-ldap.5.xml:1753
-msgid "Default: none"
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:968
+msgid "pam_account_expired_message (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:971
+msgid ""
+"If user is authenticating using SSH keys and account is expired then by "
+"default 'Permission denied' is output. This output will be changed to "
+"content of this variable if it is set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:980
+#, no-wrap
+msgid ""
+"pam_account_expired_message = Account expired, please call help desk.\n"
+" "
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:941
+#: sssd.conf.5.xml:993
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:943
+#: sssd.conf.5.xml:995
msgid ""
"These options can be used to configure the sudo service. The detailed "
"instructions for configuration of <citerefentry> <refentrytitle>sudo</"
@@ -1277,34 +1346,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:1012
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:1015
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1028
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:978
+#: sssd.conf.5.xml:1030
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1034
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:985
+#: sssd.conf.5.xml:1037
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1312,51 +1381,51 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1001
+#: sssd.conf.5.xml:1053
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1003
+#: sssd.conf.5.xml:1055
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1007
+#: sssd.conf.5.xml:1059
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1010
+#: sssd.conf.5.xml:1062
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1019
+#: sssd.conf.5.xml:1071
msgid "ssh_known_hosts_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1022
+#: sssd.conf.5.xml:1074
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1026
+#: sssd.conf.5.xml:1078
msgid "Default: 180"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1086
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1036
+#: sssd.conf.5.xml:1088
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1368,7 +1437,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1045
+#: sssd.conf.5.xml:1097
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"determined with the help of the SID, trusted domains will have UPGs and the "
@@ -1379,24 +1448,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1053
+#: sssd.conf.5.xml:1105
msgid ""
"If there are SIDs of groups from domains sssd knows about, the user will be "
"added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1111
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1063 sssd-ifp.5.xml:50
+#: sssd.conf.5.xml:1115 sssd-ifp.5.xml:50
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1066
+#: sssd.conf.5.xml:1118
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1404,12 +1473,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1072
+#: sssd.conf.5.xml:1124
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1076
+#: sssd.conf.5.xml:1128
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1418,24 +1487,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1142
msgid "DOMAIN SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1149
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1100
+#: sssd.conf.5.xml:1152
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:1157
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1444,47 +1513,47 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1112
+#: sssd.conf.5.xml:1164
msgid ""
"These ID limits affect even saving entries to cache, not only returning them "
"by name or ID."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1116
+#: sssd.conf.5.xml:1168
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1122
+#: sssd.conf.5.xml:1174
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1125
+#: sssd.conf.5.xml:1177
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1181
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1132
+#: sssd.conf.5.xml:1184
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1135 sssd.conf.5.xml:1367 sssd.conf.5.xml:1476
-#: sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1187 sssd.conf.5.xml:1419 sssd.conf.5.xml:1528
+#: sssd.conf.5.xml:1545
msgid "Default: FALSE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138
+#: sssd.conf.5.xml:1190
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1496,14 +1565,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1151
+#: sssd.conf.5.xml:1203
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1156
+#: sssd.conf.5.xml:1208
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1512,39 +1581,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1164
+#: sssd.conf.5.xml:1216
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1172
+#: sssd.conf.5.xml:1224
msgid "subdomain_enumerate (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1179
+#: sssd.conf.5.xml:1231
msgid "all"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1180
+#: sssd.conf.5.xml:1232
msgid "All discovered trusted domains will be enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1183
+#: sssd.conf.5.xml:1235
msgid "none"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:1236
msgid "No discovered trusted domains will be enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1175
+#: sssd.conf.5.xml:1227
msgid ""
"Whether any of autodetected trusted domains should be enumerated. The "
"supported values are: <placeholder type=\"variablelist\" id=\"0\"/> "
@@ -1553,19 +1622,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1215
+#: sssd.conf.5.xml:1267
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1218
+#: sssd.conf.5.xml:1270
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1222
+#: sssd.conf.5.xml:1274
msgid ""
"The cache expiration timestamps are stored as attributes of individual "
"objects in the cache. Therefore, changing the cache timeout only has effect "
@@ -1576,150 +1645,151 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1235
+#: sssd.conf.5.xml:1287
msgid "Default: 5400"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1241
+#: sssd.conf.5.xml:1293
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1244
+#: sssd.conf.5.xml:1296
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248 sssd.conf.5.xml:1261 sssd.conf.5.xml:1274
-#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1300 sssd.conf.5.xml:1314
-#: sssd.conf.5.xml:1328
+#: sssd.conf.5.xml:1300 sssd.conf.5.xml:1313 sssd.conf.5.xml:1326
+#: sssd.conf.5.xml:1339 sssd.conf.5.xml:1352 sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1380
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1306
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1257
+#: sssd.conf.5.xml:1309
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1267
+#: sssd.conf.5.xml:1319
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1270
+#: sssd.conf.5.xml:1322
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1280
+#: sssd.conf.5.xml:1332
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1335
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1345
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1348
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1358
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1309
+#: sssd.conf.5.xml:1361
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1320
+#: sssd.conf.5.xml:1372
msgid "entry_cache_ssh_host_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1375
msgid ""
"How many seconds to keep a host ssh key after refresh. IE how long to cache "
"the host key for."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1334
+#: sssd.conf.5.xml:1386
msgid "refresh_expired_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1337
+#: sssd.conf.5.xml:1389
msgid ""
"Specifies how many seconds SSSD has to wait before triggering a background "
"refresh task which will refresh all expired or nearly expired records."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1342
-msgid "Currently only refreshing expired netgroups is supported."
+#: sssd.conf.5.xml:1394
+msgid ""
+"The background refresh will process users, groups and netgroups in the cache."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1398
msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350 sssd-ipa.5.xml:224
+#: sssd.conf.5.xml:1402 sssd-ipa.5.xml:224
msgid "Default: 0 (disabled)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1356
+#: sssd.conf.5.xml:1408
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1411
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1363
+#: sssd.conf.5.xml:1415
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1372
+#: sssd.conf.5.xml:1424
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1427
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1728,17 +1798,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1382
+#: sssd.conf.5.xml:1434
msgid "Default: 0 (unlimited)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1387
+#: sssd.conf.5.xml:1439
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1398
+#: sssd.conf.5.xml:1450
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1747,33 +1817,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1405
+#: sssd.conf.5.xml:1457
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1411
+#: sssd.conf.5.xml:1463
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1414
+#: sssd.conf.5.xml:1466
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1418
+#: sssd.conf.5.xml:1470
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1421 sssd.conf.5.xml:1539
+#: sssd.conf.5.xml:1473 sssd.conf.5.xml:1591
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1425
+#: sssd.conf.5.xml:1477
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1781,8 +1851,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433 sssd.conf.5.xml:1519 sssd.conf.5.xml:1574
-#: sssd.conf.5.xml:1627
+#: sssd.conf.5.xml:1485 sssd.conf.5.xml:1571 sssd.conf.5.xml:1626
+#: sssd.conf.5.xml:1679
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1791,8 +1861,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1442 sssd.conf.5.xml:1528 sssd.conf.5.xml:1583
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1494 sssd.conf.5.xml:1580 sssd.conf.5.xml:1635
+#: sssd.conf.5.xml:1688
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1800,19 +1870,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1505
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1508
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1461
+#: sssd.conf.5.xml:1513
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1821,7 +1891,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1521
msgid ""
"NOTE: This option has no effect on netgroup lookups due to their tendency to "
"include nested netgroups without qualified names. For netgroups, all domains "
@@ -1829,17 +1899,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1533
msgid "ignore_group_members (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1536
msgid "Do not return group members for group lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1487
+#: sssd.conf.5.xml:1539
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1847,19 +1917,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1550
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1501
+#: sssd.conf.5.xml:1553
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505 sssd.conf.5.xml:1567
+#: sssd.conf.5.xml:1557 sssd.conf.5.xml:1619
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1867,7 +1937,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1512
+#: sssd.conf.5.xml:1564
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1875,30 +1945,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1588
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1595
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1546
+#: sssd.conf.5.xml:1598
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1604
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1607
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1906,19 +1976,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1613
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1616
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1591
+#: sssd.conf.5.xml:1643
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1927,24 +1997,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1650
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1603
+#: sssd.conf.5.xml:1655
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1606
+#: sssd.conf.5.xml:1658
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1611
+#: sssd.conf.5.xml:1663
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1952,7 +2022,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1671
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1960,35 +2030,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1696
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1700
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1651
+#: sssd.conf.5.xml:1703
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1710
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1661
+#: sssd.conf.5.xml:1713
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1665
+#: sssd.conf.5.xml:1717
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1996,32 +2066,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1725
msgid ""
"<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default "
"settings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1729
msgid ""
"<quote>ad</quote> the same as <quote>ldap</quote> but with AD default "
"settings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1681
+#: sssd.conf.5.xml:1733
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1684 sssd.conf.5.xml:1762 sssd.conf.5.xml:1794
-#: sssd.conf.5.xml:1819
+#: sssd.conf.5.xml:1736 sssd.conf.5.xml:1814 sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1871
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1688
+#: sssd.conf.5.xml:1740
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -2032,12 +2102,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1757
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1760
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -2045,7 +2115,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1714
+#: sssd.conf.5.xml:1766
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2053,31 +2123,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1722
+#: sssd.conf.5.xml:1774
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1725
+#: sssd.conf.5.xml:1777
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1731
+#: sssd.conf.5.xml:1783
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1734
+#: sssd.conf.5.xml:1786
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740
+#: sssd.conf.5.xml:1792
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2085,7 +2155,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1749
+#: sssd.conf.5.xml:1801
msgid ""
"<quote>ad</quote> to load a list of subdomains from an Active Directory "
"server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> "
@@ -2094,23 +2164,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1810
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1769
+#: sssd.conf.5.xml:1821
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1772
+#: sssd.conf.5.xml:1824
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1828
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2118,7 +2188,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1783
+#: sssd.conf.5.xml:1835
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2126,24 +2196,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1843
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1853
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1804
+#: sssd.conf.5.xml:1856
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1808
+#: sssd.conf.5.xml:1860
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2151,12 +2221,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1816
+#: sssd.conf.5.xml:1868
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1829
+#: sssd.conf.5.xml:1881
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components. The \"domain\" can "
@@ -2166,7 +2236,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1838
+#: sssd.conf.5.xml:1890
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -2175,29 +2245,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1843
+#: sssd.conf.5.xml:1895
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1898
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1849
+#: sssd.conf.5.xml:1901
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1852
+#: sssd.conf.5.xml:1904
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1857
+#: sssd.conf.5.xml:1909
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -2205,7 +2275,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1863
+#: sssd.conf.5.xml:1915
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -2213,66 +2283,66 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1870
+#: sssd.conf.5.xml:1922
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1917
+#: sssd.conf.5.xml:1969
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1923
+#: sssd.conf.5.xml:1975
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1926
+#: sssd.conf.5.xml:1978
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1930
+#: sssd.conf.5.xml:1982
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1933
+#: sssd.conf.5.xml:1985
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1936
+#: sssd.conf.5.xml:1988
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1939
+#: sssd.conf.5.xml:1991
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1942
+#: sssd.conf.5.xml:1994
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1945
+#: sssd.conf.5.xml:1997
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1951
+#: sssd.conf.5.xml:2003
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1954
+#: sssd.conf.5.xml:2006
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -2280,70 +2350,70 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1960 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
-#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:239
+#: sssd.conf.5.xml:2012 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
+#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:248
msgid "Default: 6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1966
+#: sssd.conf.5.xml:2018
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1969
+#: sssd.conf.5.xml:2021
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1973
+#: sssd.conf.5.xml:2025
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1979
+#: sssd.conf.5.xml:2031
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1982
+#: sssd.conf.5.xml:2034
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1988
+#: sssd.conf.5.xml:2040
msgid "case_sensitive (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1996
+#: sssd.conf.5.xml:2048
msgid "True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1999
+#: sssd.conf.5.xml:2051
msgid "Case sensitive. This value is invalid for AD provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2005
+#: sssd.conf.5.xml:2057
msgid "False"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2007
+#: sssd.conf.5.xml:2059
msgid "Case insensitive."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2011
+#: sssd.conf.5.xml:2063
msgid "Preserving"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2014
+#: sssd.conf.5.xml:2066
msgid ""
"Same as False (case insensitive), but does not lowercase names in the result "
"of NSS operations. Note that name aliases (and in case of services also "
@@ -2351,7 +2421,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1991
+#: sssd.conf.5.xml:2043
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider. Possible option values are: "
@@ -2359,17 +2429,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2026
+#: sssd.conf.5.xml:2078
msgid "Default: True (False for AD provider)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2032
+#: sssd.conf.5.xml:2084
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2035
+#: sssd.conf.5.xml:2087
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2378,22 +2448,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2049
+#: sssd.conf.5.xml:2101
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2060
+#: sssd.conf.5.xml:2112
msgid "%F"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2061
+#: sssd.conf.5.xml:2113
msgid "flat (NetBIOS) name of a subdomain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2052
+#: sssd.conf.5.xml:2104
msgid ""
"Use this homedir as default value for all subdomains within this domain in "
"IPA AD trust. See <emphasis>override_homedir</emphasis> for info about "
@@ -2403,29 +2473,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2066
+#: sssd.conf.5.xml:2118
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2070
+#: sssd.conf.5.xml:2122
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2075
+#: sssd.conf.5.xml:2127
msgid "realmd_tags (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2078
+#: sssd.conf.5.xml:2130
msgid ""
"Various tags stored by the realmd configuration service for this domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1092
+#: sssd.conf.5.xml:1144
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2433,29 +2503,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2091
+#: sssd.conf.5.xml:2143
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2094
+#: sssd.conf.5.xml:2146
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2097
+#: sssd.conf.5.xml:2149
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2105
+#: sssd.conf.5.xml:2157
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2108
+#: sssd.conf.5.xml:2160
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2463,19 +2533,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2087
+#: sssd.conf.5.xml:2139
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:2120
+#: sssd.conf.5.xml:2172
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:2122
+#: sssd.conf.5.xml:2174
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2483,73 +2553,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2129
+#: sssd.conf.5.xml:2181
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2132
+#: sssd.conf.5.xml:2184
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2136
+#: sssd.conf.5.xml:2188
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2141
+#: sssd.conf.5.xml:2193
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2144
+#: sssd.conf.5.xml:2196
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2149
+#: sssd.conf.5.xml:2201
msgid "Default: <filename>/home</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2154
+#: sssd.conf.5.xml:2206
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2157
+#: sssd.conf.5.xml:2209
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2173
+#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2225
msgid "Default: TRUE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2166
+#: sssd.conf.5.xml:2218
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2169
+#: sssd.conf.5.xml:2221
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2178
+#: sssd.conf.5.xml:2230
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2181
+#: sssd.conf.5.xml:2233
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2557,17 +2627,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2189
+#: sssd.conf.5.xml:2241
msgid "Default: 077"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2194
+#: sssd.conf.5.xml:2246
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2197
+#: sssd.conf.5.xml:2249
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2576,17 +2646,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2207
+#: sssd.conf.5.xml:2259
msgid "Default: <filename>/etc/skel</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2212
+#: sssd.conf.5.xml:2264
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2215
+#: sssd.conf.5.xml:2267
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2594,17 +2664,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2222
+#: sssd.conf.5.xml:2274
msgid "Default: <filename>/var/mail</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2227
+#: sssd.conf.5.xml:2279
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2230
+#: sssd.conf.5.xml:2282
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2612,19 +2682,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2236
+#: sssd.conf.5.xml:2288
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:2246 sssd-ldap.5.xml:2518 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:519
+#: sssd.conf.5.xml:2298 sssd-ldap.5.xml:2569 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:564
#: sss_rpcidmapd.5.xml:98
msgid "EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:2252
+#: sssd.conf.5.xml:2304
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2654,7 +2724,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2248
+#: sssd.conf.5.xml:2300
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -3493,7 +3563,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:738 sssd-ldap.5.xml:831 sssd-ldap.5.xml:1058
-#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2102 sssd-ldap.5.xml:2441
+#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2153 sssd-ldap.5.xml:2492
#: sssd-ipa.5.xml:591
msgid "Default: cn"
msgstr ""
@@ -3774,11 +3844,6 @@ msgid ""
"dealing with complex or deep nested groups)."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1017
-msgid "ldap_use_tokengroups"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1020
msgid ""
@@ -4013,7 +4078,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2259
+#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2310
msgid "Default: 900 (15 minutes)"
msgstr ""
@@ -4464,7 +4529,7 @@ msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:453
+#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:462
msgid "krb5_canonicalize (boolean)"
msgstr ""
@@ -4476,12 +4541,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:468
+#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:477
msgid "krb5_use_kdcinfo (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:471
+#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:480
msgid ""
"Specifies if the SSSD should instruct the Kerberos libraries what realm and "
"which KDCs to use. This option is on by default, if you disable it, you need "
@@ -4491,7 +4556,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:482
+#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:491
msgid ""
"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
@@ -4759,40 +4824,93 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1958
+msgid ""
+"<emphasis> Please note that this option is superseded by the <quote>ppolicy</"
+"quote> option and might be removed in a future release. </emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1965
+msgid ""
+"<emphasis>ppolicy</emphasis>: use account locking. If set, this option "
+"denies access in case that ldap attribute 'pwdAccountLockedTime' is present "
+"and has value of '000001010000Z' or represents any time in the past. The "
+"value of the 'pwdAccountLockedTime' attribute must end with 'Z', which "
+"denotes the UTC time zone. Other time zones are not currently supported and "
+"will result in \"access-denied\" when users attempt to log in. Please see "
+"the option ldap_pwdlockout_dn. Please note that 'access_provider = ldap' "
+"must be set for this feature to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1982
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1962
+#: sssd-ldap.5.xml:1986
+msgid ""
+"<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, "
+"pwd_expire_policy_renew: </emphasis> These options are useful if users are "
+"interested in being warned that password is about to expire and "
+"authentication is based on using a different method than passwords - for "
+"example SSH keys."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1996
+msgid ""
+"The difference between these options is the action taken if user password is "
+"expired: pwd_expire_policy_reject - user is denied to log in, "
+"pwd_expire_policy_warn - user is still able to log in, "
+"pwd_expire_policy_renew - user is prompted to change his password "
+"immediately."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2004
+msgid ""
+"Note If user password is expired no explicit message is prompted by SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2008
+msgid ""
+"Please note that 'access_provider = ldap' must be set for this feature to "
+"work. Also 'ldap_pwd_policy' must be set to an appropriate password policy."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2013
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2018
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1971
+#: sssd-ldap.5.xml:2022
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1974
+#: sssd-ldap.5.xml:2025
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1981
+#: sssd-ldap.5.xml:2032
msgid "ldap_pwdlockout_dn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2035
msgid ""
"This option specifies the DN of password policy entry on LDAP server. Please "
"note that absence of this option in sssd.conf in case of enabled account "
@@ -4801,74 +4919,74 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1992
+#: sssd-ldap.5.xml:2043
msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1995
+#: sssd-ldap.5.xml:2046
msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2001
+#: sssd-ldap.5.xml:2052
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2004
+#: sssd-ldap.5.xml:2055
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2009
+#: sssd-ldap.5.xml:2060
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013
+#: sssd-ldap.5.xml:2064
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018
+#: sssd-ldap.5.xml:2069
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2023
+#: sssd-ldap.5.xml:2074
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2028
+#: sssd-ldap.5.xml:2079
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2036
+#: sssd-ldap.5.xml:2087
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2039
+#: sssd-ldap.5.xml:2090
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2094
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -4879,7 +4997,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2054
+#: sssd-ldap.5.xml:2105
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -4897,12 +5015,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2070
+#: sssd-ldap.5.xml:2121
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2123
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -4910,208 +5028,208 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2083
+#: sssd-ldap.5.xml:2134
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2086
+#: sssd-ldap.5.xml:2137
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2089
+#: sssd-ldap.5.xml:2140
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2095
+#: sssd-ldap.5.xml:2146
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2098
+#: sssd-ldap.5.xml:2149
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2108
+#: sssd-ldap.5.xml:2159
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2111
+#: sssd-ldap.5.xml:2162
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2166
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2172
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2124
+#: sssd-ldap.5.xml:2175
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2129
+#: sssd-ldap.5.xml:2180
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2186
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2138
+#: sssd-ldap.5.xml:2189
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2193
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2148
+#: sssd-ldap.5.xml:2199
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2202
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2155
+#: sssd-ldap.5.xml:2206
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2161
+#: sssd-ldap.5.xml:2212
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2215
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2168
+#: sssd-ldap.5.xml:2219
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2174
+#: sssd-ldap.5.xml:2225
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2228
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2181
+#: sssd-ldap.5.xml:2232
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2187
+#: sssd-ldap.5.xml:2238
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2241
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194
+#: sssd-ldap.5.xml:2245
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2200
+#: sssd-ldap.5.xml:2251
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2203
+#: sssd-ldap.5.xml:2254
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2259
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2214
+#: sssd-ldap.5.xml:2265
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2217
+#: sssd-ldap.5.xml:2268
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2221
+#: sssd-ldap.5.xml:2272
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2227
+#: sssd-ldap.5.xml:2278
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2230
+#: sssd-ldap.5.xml:2281
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2235
+#: sssd-ldap.5.xml:2286
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2240
+#: sssd-ldap.5.xml:2291
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2246
+#: sssd-ldap.5.xml:2297
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2249
+#: sssd-ldap.5.xml:2300
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -5119,101 +5237,101 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2255
+#: sssd-ldap.5.xml:2306
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2265
+#: sssd-ldap.5.xml:2316
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2268
+#: sssd-ldap.5.xml:2319
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2279
+#: sssd-ldap.5.xml:2330
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2333
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2287
+#: sssd-ldap.5.xml:2338
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2292 sssd-ldap.5.xml:2315 sssd-ldap.5.xml:2333
-#: sssd-ldap.5.xml:2351
+#: sssd-ldap.5.xml:2343 sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2402
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2320
+#: sssd-ldap.5.xml:2348 sssd-ldap.5.xml:2371
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2303
+#: sssd-ldap.5.xml:2354
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2306
+#: sssd-ldap.5.xml:2357
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2311
+#: sssd-ldap.5.xml:2362
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2326
+#: sssd-ldap.5.xml:2377
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2329
+#: sssd-ldap.5.xml:2380
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2344
+#: sssd-ldap.5.xml:2395
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2347
+#: sssd-ldap.5.xml:2398
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2363
+#: sssd-ldap.5.xml:2414
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -5222,91 +5340,91 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2373
+#: sssd-ldap.5.xml:2424
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2375
+#: sssd-ldap.5.xml:2426
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2381
+#: sssd-ldap.5.xml:2432
msgid "ldap_autofs_map_master_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2435
msgid "The name of the automount master map in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2387
+#: sssd-ldap.5.xml:2438
msgid "Default: auto.master"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2394
+#: sssd-ldap.5.xml:2445
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2397 sssd-ldap.5.xml:2423
+#: sssd-ldap.5.xml:2448 sssd-ldap.5.xml:2474
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2400 sssd-ldap.5.xml:2427
+#: sssd-ldap.5.xml:2451 sssd-ldap.5.xml:2478
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2407
+#: sssd-ldap.5.xml:2458
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2410
+#: sssd-ldap.5.xml:2461
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2413
+#: sssd-ldap.5.xml:2464
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2420
+#: sssd-ldap.5.xml:2471
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2434
+#: sssd-ldap.5.xml:2485
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2437 sssd-ldap.5.xml:2451
+#: sssd-ldap.5.xml:2488 sssd-ldap.5.xml:2502
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2448
+#: sssd-ldap.5.xml:2499
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2455
+#: sssd-ldap.5.xml:2506
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2379
+#: sssd-ldap.5.xml:2430
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -5315,32 +5433,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2465
+#: sssd-ldap.5.xml:2516
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2472
+#: sssd-ldap.5.xml:2523
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2477
+#: sssd-ldap.5.xml:2528
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2482
+#: sssd-ldap.5.xml:2533
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note>
-#: sssd-ldap.5.xml:2487
+#: sssd-ldap.5.xml:2538
msgid "<note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para>
-#: sssd-ldap.5.xml:2489
+#: sssd-ldap.5.xml:2540
msgid ""
"If the option <quote>ldap_use_tokengroups</quote> is enabled. The searches "
"against Active Directory will not be restricted and return all groups "
@@ -5349,22 +5467,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist>
-#: sssd-ldap.5.xml:2496
+#: sssd-ldap.5.xml:2547
msgid "</note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2498
+#: sssd-ldap.5.xml:2549
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2503
+#: sssd-ldap.5.xml:2554
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2467
+#: sssd-ldap.5.xml:2518
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -5373,7 +5491,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2520
+#: sssd-ldap.5.xml:2571
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -5381,7 +5499,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2526
+#: sssd-ldap.5.xml:2577
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5394,26 +5512,26 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2525 sssd-ldap.5.xml:2543 sssd-simple.5.xml:139
+#: sssd-ldap.5.xml:2576 sssd-ldap.5.xml:2594 sssd-simple.5.xml:139
#: sssd-ipa.5.xml:726 sssd-ad.5.xml:851 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98
-#: sssd-krb5.5.xml:528 include/ldap_id_mapping.xml:105
+#: sssd-krb5.5.xml:573 include/ldap_id_mapping.xml:105
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2537
+#: sssd-ldap.5.xml:2588
msgid "LDAP ACCESS FILTER EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2539
+#: sssd-ldap.5.xml:2590
msgid ""
"The following example assumes that SSSD is correctly configured and to use "
"the ldap_access_order=lockout."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2544
+#: sssd-ldap.5.xml:2595
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5429,13 +5547,13 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2559 sssd_krb5_locator_plugin.8.xml:61
+#: sssd-ldap.5.xml:2610 sssd_krb5_locator_plugin.8.xml:61
#: sssd-simple.5.xml:148 sssd-ad.5.xml:866 sssd.8.xml:195 sss_seed.8.xml:163
msgid "NOTES"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2561
+#: sssd-ldap.5.xml:2612
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -6195,7 +6313,7 @@ msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:245
+#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:254
msgid "krb5_validate (boolean)"
msgstr ""
@@ -6236,12 +6354,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:407
+#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:416
msgid "krb5_use_fast (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:410
+#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:419
msgid ""
"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
"authentication. The following options are supported:"
@@ -6261,7 +6379,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:424
+#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:433
msgid ""
"<emphasis>demand</emphasis> to use FAST. The authentication fails if the "
"server does not require fast."
@@ -6273,7 +6391,7 @@ msgid "Default: try"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:435
+#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:444
msgid ""
"NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If "
"SSSD is used with an older version of MIT Kerberos, using this option is a "
@@ -7357,12 +7475,12 @@ msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:797 sssd-krb5.5.xml:496
+#: sssd-ad.5.xml:797 sssd-krb5.5.xml:505
msgid "krb5_use_enterprise_principal (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:800 sssd-krb5.5.xml:499
+#: sssd-ad.5.xml:800 sssd-krb5.5.xml:508
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
@@ -8305,16 +8423,24 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:225
+msgid ""
+"NOTE: Please be aware that libkrb5 ccache expansion template from "
+"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> uses different expansion sequences than SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:234
msgid "Default: (from libkrb5)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:231
+#: sssd-krb5.5.xml:240
msgid "krb5_auth_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:234
+#: sssd-krb5.5.xml:243
msgid ""
"Timeout in seconds after an online authentication request or change password "
"request is aborted. If possible, the authentication request is continued "
@@ -8322,7 +8448,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:248
+#: sssd-krb5.5.xml:257
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed. The keytab is checked for entries sequentially, and the first entry "
@@ -8333,36 +8459,36 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:263
+#: sssd-krb5.5.xml:272
msgid "krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:275
msgid ""
"The location of the keytab to use when validating credentials obtained from "
"KDCs."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:270
+#: sssd-krb5.5.xml:279
msgid "Default: /etc/krb5.keytab"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:276
+#: sssd-krb5.5.xml:285
msgid "krb5_store_password_if_offline (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:279
+#: sssd-krb5.5.xml:288
msgid ""
"Store the password of the user if the provider is offline and use it to "
"request a TGT when the provider comes online again."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:284
+#: sssd-krb5.5.xml:293
msgid ""
"NOTE: this feature is only available on Linux. Passwords stored in this way "
"are kept in plaintext in the kernel keyring and are potentially accessible "
@@ -8370,91 +8496,91 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:297
+#: sssd-krb5.5.xml:306
msgid "krb5_renewable_lifetime (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:300
+#: sssd-krb5.5.xml:309
msgid ""
"Request a renewable ticket with a total lifetime, given as an integer "
"immediately followed by a time unit:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:305 sssd-krb5.5.xml:339 sssd-krb5.5.xml:376
+#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
msgid "<emphasis>s</emphasis> for seconds"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:308 sssd-krb5.5.xml:342 sssd-krb5.5.xml:379
+#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:351 sssd-krb5.5.xml:388
msgid "<emphasis>m</emphasis> for minutes"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:311 sssd-krb5.5.xml:345 sssd-krb5.5.xml:382
+#: sssd-krb5.5.xml:320 sssd-krb5.5.xml:354 sssd-krb5.5.xml:391
msgid "<emphasis>h</emphasis> for hours"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
+#: sssd-krb5.5.xml:323 sssd-krb5.5.xml:357 sssd-krb5.5.xml:394
msgid "<emphasis>d</emphasis> for days."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:388
+#: sssd-krb5.5.xml:326 sssd-krb5.5.xml:397
msgid "If there is no unit given, <emphasis>s</emphasis> is assumed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:321 sssd-krb5.5.xml:392
+#: sssd-krb5.5.xml:330 sssd-krb5.5.xml:401
msgid ""
"NOTE: It is not possible to mix units. To set the renewable lifetime to one "
"and a half hours, use '90m' instead of '1h30m'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:326
+#: sssd-krb5.5.xml:335
msgid "Default: not set, i.e. the TGT is not renewable"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:332
+#: sssd-krb5.5.xml:341
msgid "krb5_lifetime (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:335
+#: sssd-krb5.5.xml:344
msgid ""
"Request ticket with a lifetime, given as an integer immediately followed by "
"a time unit:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:351
+#: sssd-krb5.5.xml:360
msgid "If there is no unit given <emphasis>s</emphasis> is assumed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:355
+#: sssd-krb5.5.xml:364
msgid ""
"NOTE: It is not possible to mix units. To set the lifetime to one and a "
"half hours please use '90m' instead of '1h30m'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:360
+#: sssd-krb5.5.xml:369
msgid ""
"Default: not set, i.e. the default ticket lifetime configured on the KDC."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:367
+#: sssd-krb5.5.xml:376
msgid "krb5_renew_interval (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:370
+#: sssd-krb5.5.xml:379
msgid ""
"The time in seconds between two checks if the TGT should be renewed. TGTs "
"are renewed if about half of their lifetime is exceeded, given as an integer "
@@ -8462,56 +8588,89 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:397
+#: sssd-krb5.5.xml:406
msgid "If this option is not set or is 0 the automatic renewal is disabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:415
+#: sssd-krb5.5.xml:424
msgid ""
"<emphasis>never</emphasis> use FAST. This is equivalent to not setting this "
"option at all."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:419
+#: sssd-krb5.5.xml:428
msgid ""
"<emphasis>try</emphasis> to use FAST. If the server does not support FAST, "
"continue the authentication without it."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:429
+#: sssd-krb5.5.xml:438
msgid "Default: not set, i.e. FAST is not used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:432
+#: sssd-krb5.5.xml:441
msgid "NOTE: a keytab is required to use FAST."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:444
+#: sssd-krb5.5.xml:453
msgid "krb5_fast_principal (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:447
+#: sssd-krb5.5.xml:456
msgid "Specifies the server principal to use for FAST."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:456
+#: sssd-krb5.5.xml:465
msgid ""
"Specifies if the host and user principal should be canonicalized. This "
"feature is available with MIT Kerberos 1.7 and later versions."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:505
+#: sssd-krb5.5.xml:514
msgid "Default: false (AD provider: true)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:520
+msgid "krb5_map_user (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:523
+msgid ""
+"The list of mappings is given as a comma-separated list of pairs "
+"<quote>username:primary</quote> where <quote>username</quote> is a UNIX user "
+"name and <quote>primary</quote> is a user part of a kerberos principal. This "
+"mapping is used when user is authenticating using <quote>auth_provider = "
+"krb5</quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-krb5.5.xml:535
+#, no-wrap
+msgid ""
+"krb5_realm = REALM\n"
+"krb5_map_user = joe:juser,dick:richard\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:540
+msgid ""
+"<quote>joe</quote> and <quote>dick</quote> are UNIX user names and "
+"<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos "
+"principals. For user <quote>joe</quote> resp. <quote>dick</quote> SSSD will "
+"try to kinit as <quote>juser@REALM</quote> resp. <quote>richard@REALM</"
+"quote>."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:65
msgid ""
@@ -8523,7 +8682,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:521
+#: sssd-krb5.5.xml:566
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -8532,7 +8691,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:529
+#: sssd-krb5.5.xml:574
#, no-wrap
msgid ""
" [domain/FOO]\n"
diff --git a/src/man/po/fr.po b/src/man/po/fr.po
index 600f54c58..c76bfd1e1 100644
--- a/src/man/po/fr.po
+++ b/src/man/po/fr.po
@@ -13,7 +13,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sssd-docs 1.12.2\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2015-02-18 16:52+0100\n"
+"POT-Creation-Date: 2015-06-12 10:36+0200\n"
"PO-Revision-Date: 2014-09-24 07:39-0400\n"
"Last-Translator: Jérôme Fenal <jfenal@gmail.com>\n"
"Language-Team: French (http://www.transifex.com/projects/p/sssd/language/"
@@ -23,7 +23,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n > 1);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#. type: Content of: <reference><title>
#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5
@@ -266,11 +266,11 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:81 sssd.conf.5.xml:571 sssd.conf.5.xml:1014
+#: sssd.conf.5.xml:81 sssd.conf.5.xml:602 sssd.conf.5.xml:1066
#: sssd-ldap.5.xml:1625 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1784
-#: sssd-ldap.5.xml:2273 sssd-ldap.5.xml:2338 sssd-ldap.5.xml:2356
+#: sssd-ldap.5.xml:2324 sssd-ldap.5.xml:2389 sssd-ldap.5.xml:2407
#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:413 sssd-ad.5.xml:166 sssd-ad.5.xml:264
-#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:490
+#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:499
msgid "Default: true"
msgstr "Par défaut : true"
@@ -287,16 +287,16 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:94 sssd.conf.5.xml:968 sssd.conf.5.xml:2043
+#: sssd.conf.5.xml:94 sssd.conf.5.xml:1020 sssd.conf.5.xml:2095
#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1499 sssd-ldap.5.xml:1518
-#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2060 sssd-ipa.5.xml:139
-#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:257
-#: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462
+#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2111 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471
msgid "Default: false"
msgstr "Par défaut : false"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2081
+#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2132
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr "<placeholder type=\"variablelist\" id=\"0\"/>"
@@ -335,7 +335,7 @@ msgid "The [sssd] section"
msgstr "La section [sssd]"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:137 sssd.conf.5.xml:2127
+#: sssd.conf.5.xml:137 sssd.conf.5.xml:2179
msgid "Section parameters"
msgstr "Paramètres de sections"
@@ -428,7 +428,7 @@ msgstr ""
"caractères soulignés."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:193 sssd.conf.5.xml:1826
+#: sssd.conf.5.xml:193 sssd.conf.5.xml:1878
msgid "re_expression (string)"
msgstr "re_expression (chaîne)"
@@ -454,12 +454,12 @@ msgstr ""
"expressions régulières."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:210 sssd.conf.5.xml:1877
+#: sssd.conf.5.xml:210 sssd.conf.5.xml:1929
msgid "full_name_format (string)"
msgstr "full_name_format (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:213 sssd.conf.5.xml:1880
+#: sssd.conf.5.xml:213 sssd.conf.5.xml:1932
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to compose a "
@@ -471,33 +471,33 @@ msgstr ""
"domaine."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:224 sssd.conf.5.xml:1891
+#: sssd.conf.5.xml:224 sssd.conf.5.xml:1943
msgid "%1$s"
msgstr "%1$s"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225 sssd.conf.5.xml:1892
+#: sssd.conf.5.xml:225 sssd.conf.5.xml:1944
msgid "user name"
msgstr "nom d'utilisateur"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:228 sssd.conf.5.xml:1895
+#: sssd.conf.5.xml:228 sssd.conf.5.xml:1947
msgid "%2$s"
msgstr "%2$s"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:231 sssd.conf.5.xml:1898
+#: sssd.conf.5.xml:231 sssd.conf.5.xml:1950
msgid "domain name as specified in the SSSD config file."
msgstr ""
"nom de domaine tel qu'indiqué dans le fichier de configuration de SSSD."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:237 sssd.conf.5.xml:1904
+#: sssd.conf.5.xml:237 sssd.conf.5.xml:1956
msgid "%3$s"
msgstr "%3$s"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:240 sssd.conf.5.xml:1907
+#: sssd.conf.5.xml:240 sssd.conf.5.xml:1959
msgid ""
"domain flat name. Mostly usable for Active Directory domains, both directly "
"configured or discovered via IPA trusts."
@@ -507,7 +507,7 @@ msgstr ""
"d'approbation IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221 sssd.conf.5.xml:1888
+#: sssd.conf.5.xml:221 sssd.conf.5.xml:1940
msgid ""
"The following expansions are supported: <placeholder type=\"variablelist\" "
"id=\"0\"/>"
@@ -659,8 +659,8 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:336 sssd-ldap.5.xml:663 sssd-ldap.5.xml:1458
#: sssd-ldap.5.xml:1470 sssd-ldap.5.xml:1552 sssd-ad.5.xml:557
-#: sssd-ad.5.xml:627 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203
-#: include/ldap_id_mapping.xml:214
+#: sssd-ad.5.xml:627 sssd-krb5.5.xml:410 sssd-krb5.5.xml:550
+#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214
msgid "Default: not set"
msgstr "Par défaut : non défini"
@@ -782,18 +782,18 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:427 sssd.conf.5.xml:443 sssd.conf.5.xml:475
-#: sssd.conf.5.xml:702 sssd.conf.5.xml:888 sssd.conf.5.xml:1209
+#: sssd.conf.5.xml:733 sssd.conf.5.xml:919 sssd.conf.5.xml:1261
#: sssd-ldap.5.xml:1200
msgid "Default: 60"
msgstr "Par défaut : 60"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:432 sssd.conf.5.xml:1198
+#: sssd.conf.5.xml:432 sssd.conf.5.xml:1250
msgid "force_timeout (integer)"
msgstr "force_timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:435 sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:435 sssd.conf.5.xml:1253
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -845,13 +845,80 @@ msgid ""
"will be forced to one hour."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:480
+#, fuzzy
+#| msgid "subdomain_enumerate (string)"
+msgid "subdomain_inherit (string)"
+msgstr "subdomain_enumerate (chaîne)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:483
+msgid ""
+"Specifies a list of configuration parameters that should be inherited by a "
+"subdomain. Please note that only selected parameters can be inherited. "
+"Currently the following options can be inherited:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:489
+#, fuzzy
+#| msgid "ignore_group_members (bool)"
+msgid "ignore_group_members"
+msgstr "ignore_group_members (booléen)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:492
+#, fuzzy
+#| msgid "ldap_purge_cache_timeout (integer)"
+msgid "ldap_purge_cache_timeout"
+msgstr "ldap_purge_cache_timeout (entier)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:495 sssd-ldap.5.xml:1017
+msgid "ldap_use_tokengroups"
+msgstr "ldap_use_tokengroups"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:498
+#, fuzzy
+#| msgid "ldap_user_principal (string)"
+msgid "ldap_user_principal"
+msgstr "ldap_user_principal (chaîne)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:503
+#, fuzzy, no-wrap
+#| msgid ""
+#| "fallback_homedir = /home/%u\n"
+#| " "
+msgid ""
+"subdomain_inherit = ldap_purge_cache_timeout\n"
+" "
+msgstr ""
+"fallback_homedir = /home/%u\n"
+" "
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:501
+#, fuzzy
+#| msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr "exemple : <placeholder type=\"programlisting\" id=\"0\"/>"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:507 sssd.conf.5.xml:963 sssd.conf.5.xml:984
+#: sssd.conf.5.xml:1244 sssd-ldap.5.xml:1753
+msgid "Default: none"
+msgstr "Par défaut : aucun"
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:484
+#: sssd.conf.5.xml:515
msgid "NSS configuration options"
msgstr "Options de configuration NSS"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:486
+#: sssd.conf.5.xml:517
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
@@ -859,12 +926,12 @@ msgstr ""
"Switch (NSS)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:491
+#: sssd.conf.5.xml:522
msgid "enum_cache_timeout (integer)"
msgstr "enum_cache_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:494
+#: sssd.conf.5.xml:525
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
@@ -873,17 +940,17 @@ msgstr ""
"énumérations (requêtes sur les informations de tous les utilisateurs)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:498
+#: sssd.conf.5.xml:529
msgid "Default: 120"
msgstr "Par défaut : 120"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:503
+#: sssd.conf.5.xml:534
msgid "entry_cache_nowait_percentage (integer)"
msgstr "entry_cache_nowait_percentage (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:506
+#: sssd.conf.5.xml:537
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -894,7 +961,7 @@ msgstr ""
"valeur de entry_cache_timeout pour le domaine."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:512
+#: sssd.conf.5.xml:543
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -910,7 +977,7 @@ msgstr ""
"cache."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:553
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -923,17 +990,17 @@ msgstr ""
"de non réponse à moins de 10 secondes (0 pour désactiver l'option)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:561
msgid "Default: 50"
msgstr "Par défaut : 50"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:535
+#: sssd.conf.5.xml:566
msgid "entry_negative_timeout (integer)"
msgstr "entry_negative_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:538
+#: sssd.conf.5.xml:569
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -945,17 +1012,17 @@ msgstr ""
"appel au moteur."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:544 sssd.conf.5.xml:992
+#: sssd.conf.5.xml:575 sssd.conf.5.xml:1044
msgid "Default: 15"
msgstr "Par défaut : 15"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:549
+#: sssd.conf.5.xml:580
msgid "filter_users, filter_groups (string)"
msgstr "filter_users, filter_groups (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:552
+#: sssd.conf.5.xml:583
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -969,17 +1036,17 @@ msgstr ""
"certain domaine."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:559
+#: sssd.conf.5.xml:590
msgid "Default: root"
msgstr "Par défaut : root"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:564
+#: sssd.conf.5.xml:595
msgid "filter_users_in_groups (bool)"
msgstr "filter_users_in_groups (booléen)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:598
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
@@ -987,12 +1054,12 @@ msgstr ""
"membres de groupes."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:609
msgid "fallback_homedir (string)"
msgstr "fallback_homedir (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:612
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
@@ -1001,7 +1068,7 @@ msgstr ""
"explicitement spécifié par le fournisseur de données du domaine."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586
+#: sssd.conf.5.xml:617
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
@@ -1009,7 +1076,7 @@ msgstr ""
"override_homedir."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:592
+#: sssd.conf.5.xml:623
#, no-wrap
msgid ""
"fallback_homedir = /home/%u\n"
@@ -1019,24 +1086,25 @@ msgstr ""
" "
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:590 include/override_homedir.xml:55
+#: sssd.conf.5.xml:621 sssd.conf.5.xml:978 sssd-krb5.5.xml:533
+#: include/override_homedir.xml:55
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "exemple : <placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596
+#: sssd.conf.5.xml:627
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
"Par défaut : non défini (aucune substitution pour les répertoires d'accueil "
"non définis)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:633
msgid "override_shell (string)"
msgstr "override_shell (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:636
msgid ""
"Override the login shell for all users. This option supersedes any other "
"shell options if it takes effect and can be set either in the [nss] section "
@@ -1048,17 +1116,17 @@ msgstr ""
"section [nss], soit par domaine."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:611
+#: sssd.conf.5.xml:642
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr "Par défaut : indéfini (SSSD utilisera la valeur récupérée de LDAP)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:617
+#: sssd.conf.5.xml:648
msgid "allowed_shells (string)"
msgstr "allowed_shells (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:620
+#: sssd.conf.5.xml:651
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
@@ -1066,14 +1134,14 @@ msgstr ""
"indiquées. L'ordre d'évaluation est :"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:654
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
"1. Si l'interpréteur de commandes est présent dans <quote>/etc/shells</"
"quote>, il est utilisé."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:627
+#: sssd.conf.5.xml:658
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
@@ -1083,7 +1151,7 @@ msgstr ""
"shell_fallback » sera utilisée."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:632
+#: sssd.conf.5.xml:663
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
@@ -1092,14 +1160,14 @@ msgstr ""
"ni dans <quote>/etc/shells</quote>, une connexion sans shell est utilisée."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:637
+#: sssd.conf.5.xml:668
#, fuzzy
#| msgid "These options can be used to configure any service."
msgid "The wildcard (*) can be used to allow any shell."
msgstr "Ces options peuvent être utilisées pour configurer les services."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:640
+#: sssd.conf.5.xml:671
msgid ""
"The (*) is useful if you want to use shell_fallback in case that user's "
"shell is not in <quote>/etc/shells</quote> and maintaining list of all "
@@ -1107,14 +1175,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:647
+#: sssd.conf.5.xml:678
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
"Une chaîne vide pour l'interpréteur de commandes est passée telle quelle est "
"à la libc."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:650
+#: sssd.conf.5.xml:681
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
@@ -1124,31 +1192,31 @@ msgstr ""
"est installé."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:654
+#: sssd.conf.5.xml:685
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
"Par défaut : non défini. L'interpréteur de commandes de l'utilisateur est "
"utilisé automatiquement."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:659
+#: sssd.conf.5.xml:690
msgid "vetoed_shells (string)"
msgstr "vetoed_shells (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:662
+#: sssd.conf.5.xml:693
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
"Remplace toutes les occurences de ces interpréteurs de commandes par "
"l'interpréteur de commandes par défaut"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:667
+#: sssd.conf.5.xml:698
msgid "shell_fallback (string)"
msgstr "shell_fallback (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:670
+#: sssd.conf.5.xml:701
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
@@ -1156,17 +1224,17 @@ msgstr ""
"commandes autorisé n'est pas installé sur la machine."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:705
msgid "Default: /bin/sh"
msgstr "Par défaut : /bin/sh"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:679
+#: sssd.conf.5.xml:710
msgid "default_shell"
msgstr "default_shell"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:682
+#: sssd.conf.5.xml:713
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option can be specified globally in the [nss] section or per-domain."
@@ -1176,7 +1244,7 @@ msgstr ""
"choix soit dans la section [nss], soit par domaine."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:719
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
@@ -1186,12 +1254,12 @@ msgstr ""
"nécessaire, habituellement /bin/sh)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:695 sssd.conf.5.xml:881
+#: sssd.conf.5.xml:726 sssd.conf.5.xml:912
msgid "get_domains_timeout (int)"
msgstr "get_domains_timeout (int)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:698 sssd.conf.5.xml:884
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:915
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
@@ -1200,12 +1268,12 @@ msgstr ""
"jugée valide."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:707
+#: sssd.conf.5.xml:738
msgid "memcache_timeout (int)"
msgstr "memcache_timeout (int)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710
+#: sssd.conf.5.xml:741
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
@@ -1214,17 +1282,17 @@ msgstr ""
"mémoire seront valides"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:714 sssd-ldap.5.xml:706
+#: sssd.conf.5.xml:745 sssd-ldap.5.xml:706
msgid "Default: 300"
msgstr "Par défaut : 300"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:719 sssd-ifp.5.xml:74
+#: sssd.conf.5.xml:750 sssd-ifp.5.xml:74
msgid "user_attributes (string)"
msgstr "user_attributes (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:722
+#: sssd.conf.5.xml:753
msgid ""
"Some of the additional NSS responder requests can return more attributes "
"than just the POSIX ones defined by the NSS interface. The list of "
@@ -1235,24 +1303,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:735
+#: sssd.conf.5.xml:766
msgid ""
"To make configuration more easy the NSS responder will check the InfoPipe "
"option if it is not set for the NSS responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:740
+#: sssd.conf.5.xml:771
msgid "Default: not set, fallback to InfoPipe option"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:747
+#: sssd.conf.5.xml:778
msgid "PAM configuration options"
msgstr "Options de configuration de PAM"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:749
+#: sssd.conf.5.xml:780
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
@@ -1261,12 +1329,12 @@ msgstr ""
"Module (PAM)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:785
msgid "offline_credentials_expiration (integer)"
msgstr "offline_credentials_expiration (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:757
+#: sssd.conf.5.xml:788
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
@@ -1276,17 +1344,17 @@ msgstr ""
"connexion réussie)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:762 sssd.conf.5.xml:775
+#: sssd.conf.5.xml:793 sssd.conf.5.xml:806
msgid "Default: 0 (No limit)"
msgstr "Par défaut : 0 (pas de limite)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:768
+#: sssd.conf.5.xml:799
msgid "offline_failed_login_attempts (integer)"
msgstr "offline_failed_login_attempts (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:771
+#: sssd.conf.5.xml:802
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
@@ -1295,12 +1363,12 @@ msgstr ""
"échouées sont autorisées."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:781
+#: sssd.conf.5.xml:812
msgid "offline_failed_login_delay (integer)"
msgstr "offline_failed_login_delay (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:784
+#: sssd.conf.5.xml:815
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
@@ -1310,7 +1378,7 @@ msgstr ""
"soit possible."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:789
+#: sssd.conf.5.xml:820
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -1321,17 +1389,17 @@ msgstr ""
"connexion réussie en ligne peut réactiver l'authentification."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:795 sssd.conf.5.xml:848
+#: sssd.conf.5.xml:826 sssd.conf.5.xml:879
msgid "Default: 5"
msgstr "Par défaut : 5"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:832
msgid "pam_verbosity (integer)"
msgstr "pam_verbosity (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:835
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
@@ -1341,44 +1409,44 @@ msgstr ""
"affichés sera important."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:809
+#: sssd.conf.5.xml:840
msgid "Currently sssd supports the following values:"
msgstr "Actuellement sssd supporte les valeurs suivantes :"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:843
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr "<emphasis>0</emphasis> : ne pas afficher de message"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:815
+#: sssd.conf.5.xml:846
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr "<emphasis>1</emphasis> : afficher seulement les messages importants"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
+#: sssd.conf.5.xml:850
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr "<emphasis>2</emphasis> : afficher les messages d'information"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:822
+#: sssd.conf.5.xml:853
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
"<emphasis>3</emphasis> : afficher tous les messages et informations de "
"débogage"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:826 sssd.8.xml:63
+#: sssd.conf.5.xml:857 sssd.8.xml:63
msgid "Default: 1"
msgstr "Par défaut : 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:831
+#: sssd.conf.5.xml:862
msgid "pam_id_timeout (integer)"
msgstr "pam_id_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:865
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1390,7 +1458,7 @@ msgstr ""
"les dernières informations."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:840
+#: sssd.conf.5.xml:871
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1404,17 +1472,17 @@ msgstr ""
"fournisseur d'identité."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:854
+#: sssd.conf.5.xml:885
msgid "pam_pwd_expiration_warning (integer)"
msgstr "pam_pwd_expiration_warning (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:857 sssd.conf.5.xml:1390
+#: sssd.conf.5.xml:888 sssd.conf.5.xml:1442
msgid "Display a warning N days before the password expires."
msgstr "Afficher une alerte N jours avant l'expiration du mot de passe."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:860
+#: sssd.conf.5.xml:891
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1425,7 +1493,7 @@ msgstr ""
"ne peut afficher de message d'alerte."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:866 sssd.conf.5.xml:1393
+#: sssd.conf.5.xml:897 sssd.conf.5.xml:1445
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
@@ -1435,7 +1503,7 @@ msgstr ""
"sera automatiquement affiché."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:871
+#: sssd.conf.5.xml:902
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
@@ -1444,17 +1512,17 @@ msgstr ""
"<emphasis>pwd_expiration_warning</emphasis> pour un domaine particulier."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876 sssd.8.xml:79
+#: sssd.conf.5.xml:907 sssd.8.xml:79
msgid "Default: 0"
msgstr "Par défaut : 0"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:893
+#: sssd.conf.5.xml:924
msgid "pam_trusted_users (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:896
+#: sssd.conf.5.xml:927
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAM responder. User names are resolved to UIDs at "
@@ -1462,59 +1530,77 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:902
+#: sssd.conf.5.xml:933
msgid "Default: all (All users are allowed to access the PAM responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:906
+#: sssd.conf.5.xml:937
msgid ""
"Please note that UID 0 is always allowed to access the PAM responder even in "
"case it is not in the pam_trusted_users list."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:913
+#: sssd.conf.5.xml:944
msgid "pam_public_domains (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:947
msgid ""
"Specifies the comma-separated list of domain names that are accessible even "
"to untrusted users."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:920
+#: sssd.conf.5.xml:951
msgid "Two special values for pam_public_domains option are defined:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:955
msgid ""
"all (Untrusted users are allowed to access all domains in PAM responder.)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:959
msgid ""
"none (Untrusted users are not allowed to access any domains PAM in "
"responder.)"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:932 sssd.conf.5.xml:1192 sssd-ldap.5.xml:1753
-msgid "Default: none"
-msgstr "Par défaut : aucun"
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:968
+#, fuzzy
+#| msgid "ldap_user_ad_account_expires (string)"
+msgid "pam_account_expired_message (string)"
+msgstr "ldap_user_ad_account_expires (chaîne)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:971
+msgid ""
+"If user is authenticating using SSH keys and account is expired then by "
+"default 'Permission denied' is output. This output will be changed to "
+"content of this variable if it is set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:980
+#, no-wrap
+msgid ""
+"pam_account_expired_message = Account expired, please call help desk.\n"
+" "
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:941
+#: sssd.conf.5.xml:993
msgid "SUDO configuration options"
msgstr "Options de configuration de SUDO"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:943
+#: sssd.conf.5.xml:995
msgid ""
"These options can be used to configure the sudo service. The detailed "
"instructions for configuration of <citerefentry> <refentrytitle>sudo</"
@@ -1531,12 +1617,12 @@ msgstr ""
"sudo</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:1012
msgid "sudo_timed (bool)"
msgstr "sudo_timed (booléen)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:1015
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
@@ -1545,22 +1631,22 @@ msgstr ""
"les entrées sudoers sensibles au temps."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1028
msgid "AUTOFS configuration options"
msgstr "Options de configuration AUTOFS"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:978
+#: sssd.conf.5.xml:1030
msgid "These options can be used to configure the autofs service."
msgstr "Ces options peuvent être utilisées pour configurer le service autofs."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1034
msgid "autofs_negative_timeout (integer)"
msgstr "autofs_negative_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:985
+#: sssd.conf.5.xml:1037
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1572,23 +1658,23 @@ msgstr ""
"moteur."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1001
+#: sssd.conf.5.xml:1053
msgid "SSH configuration options"
msgstr "Options de configuration SSH"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1003
+#: sssd.conf.5.xml:1055
msgid "These options can be used to configure the SSH service."
msgstr ""
"Les options suivantes peuvent être utilisées pour configurer le service SSH."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1007
+#: sssd.conf.5.xml:1059
msgid "ssh_hash_known_hosts (bool)"
msgstr "ssh_hash_known_hosts (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1010
+#: sssd.conf.5.xml:1062
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
@@ -1596,12 +1682,12 @@ msgstr ""
"Condenser ou non les noms de systèmes et adresses du fichier known_hosts"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1019
+#: sssd.conf.5.xml:1071
msgid "ssh_known_hosts_timeout (integer)"
msgstr "ssh_known_hosts_timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1022
+#: sssd.conf.5.xml:1074
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
@@ -1610,17 +1696,17 @@ msgstr ""
"known_hosts géré après que ses clés de système ont été demandés."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1026
+#: sssd.conf.5.xml:1078
msgid "Default: 180"
msgstr "Par défaut : 180"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1086
msgid "PAC responder configuration options"
msgstr "Options de configuration du répondeur PAC"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1036
+#: sssd.conf.5.xml:1088
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1639,7 +1725,7 @@ msgstr ""
"décodées et évaluées, les opérations suivantes sont effectuées :"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1045
+#: sssd.conf.5.xml:1097
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"determined with the help of the SID, trusted domains will have UPGs and the "
@@ -1657,7 +1743,7 @@ msgstr ""
"default_shell."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1053
+#: sssd.conf.5.xml:1105
msgid ""
"If there are SIDs of groups from domains sssd knows about, the user will be "
"added to those groups."
@@ -1666,19 +1752,19 @@ msgstr ""
"ajouté à ces groupes."
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1111
msgid "These options can be used to configure the PAC responder."
msgstr ""
"Les options suivantes peuvent être utilisées pour configurer le répondeur "
"PAC."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1063 sssd-ifp.5.xml:50
+#: sssd.conf.5.xml:1115 sssd-ifp.5.xml:50
msgid "allowed_uids (string)"
msgstr "allowed_uids (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1066
+#: sssd.conf.5.xml:1118
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1689,14 +1775,14 @@ msgstr ""
"seront résolus en UID au démarrage."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1072
+#: sssd.conf.5.xml:1124
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
"Par défaut : 0 (seul l'utilisateur root est autorisé à accéder au répondeur "
"PAC)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1076
+#: sssd.conf.5.xml:1128
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1709,17 +1795,17 @@ msgstr ""
"0 à la liste des UID d'utilisateurs autorisés."
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1142
msgid "DOMAIN SECTIONS"
msgstr "SECTIONS DOMAINES"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1149
msgid "min_id,max_id (integer)"
msgstr "min_id,max_id (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1100
+#: sssd.conf.5.xml:1152
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
@@ -1728,7 +1814,7 @@ msgstr ""
"dehors de ces limites, elle est ignorée."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:1157
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1741,7 +1827,7 @@ msgstr ""
"qui sont dans la plage seront rapportés comme prévu."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1112
+#: sssd.conf.5.xml:1164
msgid ""
"These ID limits affect even saving entries to cache, not only returning them "
"by name or ID."
@@ -1750,17 +1836,17 @@ msgstr ""
"pas seulement leur recherche par nom ou identifiant."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1116
+#: sssd.conf.5.xml:1168
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr "Default: 1 for min_id, 0 (no limit) for max_id"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1122
+#: sssd.conf.5.xml:1174
msgid "enumerate (bool)"
msgstr "enumerate (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1125
+#: sssd.conf.5.xml:1177
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
@@ -1769,23 +1855,23 @@ msgstr ""
"valeurs suivantes :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1181
msgid "TRUE = Users and groups are enumerated"
msgstr "TRUE = utilisateurs et groupes sont énumérés"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1132
+#: sssd.conf.5.xml:1184
msgid "FALSE = No enumerations for this domain"
msgstr "FALSE = aucune énumération pour ce domaine"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1135 sssd.conf.5.xml:1367 sssd.conf.5.xml:1476
-#: sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1187 sssd.conf.5.xml:1419 sssd.conf.5.xml:1528
+#: sssd.conf.5.xml:1545
msgid "Default: FALSE"
msgstr "Par défaut : FALSE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138
+#: sssd.conf.5.xml:1190
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1806,7 +1892,7 @@ msgstr ""
"être recalculées."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1151
+#: sssd.conf.5.xml:1203
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
@@ -1816,7 +1902,7 @@ msgstr ""
"l'énumération ne se termine."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1156
+#: sssd.conf.5.xml:1208
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1830,7 +1916,7 @@ msgstr ""
"fournisseur d'identité spécifique utilisé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1164
+#: sssd.conf.5.xml:1216
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
@@ -1839,32 +1925,32 @@ msgstr ""
"déconseillée, surtout dans les environnements de grande taille."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1172
+#: sssd.conf.5.xml:1224
msgid "subdomain_enumerate (string)"
msgstr "subdomain_enumerate (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1179
+#: sssd.conf.5.xml:1231
msgid "all"
msgstr "all"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1180
+#: sssd.conf.5.xml:1232
msgid "All discovered trusted domains will be enumerated"
msgstr "Tous les domaines approuvés découverts seront énumérés"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1183
+#: sssd.conf.5.xml:1235
msgid "none"
msgstr "none"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:1236
msgid "No discovered trusted domains will be enumerated"
msgstr "Aucun domaine approuvé découvert ne sera énuméré"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1175
+#: sssd.conf.5.xml:1227
msgid ""
"Whether any of autodetected trusted domains should be enumerated. The "
"supported values are: <placeholder type=\"variablelist\" id=\"0\"/> "
@@ -1878,12 +1964,12 @@ msgstr ""
"activer l'énumération pour ces seuls domaines."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1215
+#: sssd.conf.5.xml:1267
msgid "entry_cache_timeout (integer)"
msgstr "entry_cache_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1218
+#: sssd.conf.5.xml:1270
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
@@ -1892,7 +1978,7 @@ msgstr ""
"comme valides avant de les redemander au moteur"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1222
+#: sssd.conf.5.xml:1274
msgid ""
"The cache expiration timestamps are stored as attributes of individual "
"objects in the cache. Therefore, changing the cache timeout only has effect "
@@ -1910,17 +1996,17 @@ msgstr ""
"rafraîchissement des entrées qui sont déjà en cache."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1235
+#: sssd.conf.5.xml:1287
msgid "Default: 5400"
msgstr "Par défaut : 5400"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1241
+#: sssd.conf.5.xml:1293
msgid "entry_cache_user_timeout (integer)"
msgstr "entry_cache_user_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1244
+#: sssd.conf.5.xml:1296
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
@@ -1929,19 +2015,19 @@ msgstr ""
"d'utilisateurs comme valides avant de les redemander au moteur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248 sssd.conf.5.xml:1261 sssd.conf.5.xml:1274
-#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1300 sssd.conf.5.xml:1314
-#: sssd.conf.5.xml:1328
+#: sssd.conf.5.xml:1300 sssd.conf.5.xml:1313 sssd.conf.5.xml:1326
+#: sssd.conf.5.xml:1339 sssd.conf.5.xml:1352 sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1380
msgid "Default: entry_cache_timeout"
msgstr "Par défaut : entry_cache_timeout"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1306
msgid "entry_cache_group_timeout (integer)"
msgstr "entry_cache_group_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1257
+#: sssd.conf.5.xml:1309
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
@@ -1950,12 +2036,12 @@ msgstr ""
"groupes comme valides avant de les redemander au moteur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1267
+#: sssd.conf.5.xml:1319
msgid "entry_cache_netgroup_timeout (integer)"
msgstr "entry_cache_netgroup_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1270
+#: sssd.conf.5.xml:1322
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
@@ -1964,12 +2050,12 @@ msgstr ""
"netgroup comme valides avant de les redemander au moteur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1280
+#: sssd.conf.5.xml:1332
msgid "entry_cache_service_timeout (integer)"
msgstr "entry_cache_service_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1335
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
@@ -1978,12 +2064,12 @@ msgstr ""
"service valides avant de les redemander au moteur"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1345
msgid "entry_cache_sudo_timeout (integer)"
msgstr "entry_cache_sudo_timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1348
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
@@ -1992,12 +2078,12 @@ msgstr ""
"valides avant de les redemander au moteur"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1358
msgid "entry_cache_autofs_timeout (integer)"
msgstr "entry_cache_autofs_timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1309
+#: sssd.conf.5.xml:1361
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
@@ -2006,24 +2092,24 @@ msgstr ""
"cartes d'automontage comme valides avant de les redemander au moteur"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1320
+#: sssd.conf.5.xml:1372
msgid "entry_cache_ssh_host_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1375
msgid ""
"How many seconds to keep a host ssh key after refresh. IE how long to cache "
"the host key for."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1334
+#: sssd.conf.5.xml:1386
msgid "refresh_expired_interval (integer)"
msgstr "refresh_expired_interval (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1337
+#: sssd.conf.5.xml:1389
msgid ""
"Specifies how many seconds SSSD has to wait before triggering a background "
"refresh task which will refresh all expired or nearly expired records."
@@ -2033,49 +2119,48 @@ msgstr ""
"enregistrements expirés ou sur le point de l'être."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1342
-msgid "Currently only refreshing expired netgroups is supported."
+#: sssd.conf.5.xml:1394
+msgid ""
+"The background refresh will process users, groups and netgroups in the cache."
msgstr ""
-"Actuellement, seul le rafraichissement des netgroups expirés est pris en "
-"charge."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1398
msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
msgstr ""
"Il est envisageable de configurer cette valeur à 3/4 * entry_cache_timeout."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350 sssd-ipa.5.xml:224
+#: sssd.conf.5.xml:1402 sssd-ipa.5.xml:224
msgid "Default: 0 (disabled)"
msgstr "Par défaut : 0 (désactivé)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1356
+#: sssd.conf.5.xml:1408
msgid "cache_credentials (bool)"
msgstr "cache_credentials (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1411
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
"Détermine si les données d'identification de l'utilisateur sont aussi mis en "
"cache dans le cache LDB local"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1363
+#: sssd.conf.5.xml:1415
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
"Les informations d'identification utilisateur sont stockées dans une table "
"de hachage SHA512, et non en texte brut"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1372
+#: sssd.conf.5.xml:1424
msgid "account_cache_expiration (integer)"
msgstr "account_cache_expiration (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1427
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -2088,17 +2173,17 @@ msgstr ""
"paramètre doit être supérieur ou égal à offline_credentials_expiration."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1382
+#: sssd.conf.5.xml:1434
msgid "Default: 0 (unlimited)"
msgstr "Par défaut : 0 (illimité)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1387
+#: sssd.conf.5.xml:1439
msgid "pwd_expiration_warning (integer)"
msgstr "pwd_expiration_warning (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1398
+#: sssd.conf.5.xml:1450
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -2111,17 +2196,17 @@ msgstr ""
"fournisseur oauth doit être configuré pour le moteur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1405
+#: sssd.conf.5.xml:1457
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr "Par défaut : 7 (Kerberos), 0 (LDAP)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1411
+#: sssd.conf.5.xml:1463
msgid "id_provider (string)"
msgstr "id_provider (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1414
+#: sssd.conf.5.xml:1466
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
@@ -2129,18 +2214,18 @@ msgstr ""
"d'identification pris en charge sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1418
+#: sssd.conf.5.xml:1470
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr "<quote>proxy</quote> : prise en charge de l'ancien fournisseur NSS"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1421 sssd.conf.5.xml:1539
+#: sssd.conf.5.xml:1473 sssd.conf.5.xml:1591
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
"<quote>local</quote> : Fournisseur interne SSSD pour les utilisateurs locaux"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1425
+#: sssd.conf.5.xml:1477
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -2152,8 +2237,8 @@ msgstr ""
"LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433 sssd.conf.5.xml:1519 sssd.conf.5.xml:1574
-#: sssd.conf.5.xml:1627
+#: sssd.conf.5.xml:1485 sssd.conf.5.xml:1571 sssd.conf.5.xml:1626
+#: sssd.conf.5.xml:1679
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -2166,8 +2251,8 @@ msgstr ""
"configuration de FreeIPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1442 sssd.conf.5.xml:1528 sssd.conf.5.xml:1583
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1494 sssd.conf.5.xml:1580 sssd.conf.5.xml:1635
+#: sssd.conf.5.xml:1688
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2179,12 +2264,12 @@ msgstr ""
"d'Active Directory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1505
msgid "use_fully_qualified_names (bool)"
msgstr "use_fully_qualified_names (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1508
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
@@ -2194,7 +2279,7 @@ msgstr ""
"communiqué à NSS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1461
+#: sssd.conf.5.xml:1513
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -2208,7 +2293,7 @@ msgstr ""
"trouve."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1521
msgid ""
"NOTE: This option has no effect on netgroup lookups due to their tendency to "
"include nested netgroups without qualified names. For netgroups, all domains "
@@ -2220,17 +2305,17 @@ msgstr ""
"qualifié sera demandé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1533
msgid "ignore_group_members (bool)"
msgstr "ignore_group_members (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1536
msgid "Do not return group members for group lookups."
msgstr "Ne pas envoyer les membres des groupes sur les recherches de groupes."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1487
+#: sssd.conf.5.xml:1539
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -2241,12 +2326,12 @@ msgstr ""
"traitement des appels de recherche de groupes."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1550
msgid "auth_provider (string)"
msgstr "auth_provider (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1501
+#: sssd.conf.5.xml:1553
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
@@ -2255,7 +2340,7 @@ msgstr ""
"pris en charge sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505 sssd.conf.5.xml:1567
+#: sssd.conf.5.xml:1557 sssd.conf.5.xml:1619
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2267,7 +2352,7 @@ msgstr ""
"LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1512
+#: sssd.conf.5.xml:1564
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2278,7 +2363,7 @@ msgstr ""
"citerefentry> pour plus d'informations sur la configuration de Kerberos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1588
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
@@ -2286,12 +2371,12 @@ msgstr ""
"PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1595
msgid "<quote>none</quote> disables authentication explicitly."
msgstr "<quote>none</quote> désactive l'authentification explicitement."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1546
+#: sssd.conf.5.xml:1598
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
@@ -2300,12 +2385,12 @@ msgstr ""
"gérer les requêtes d'authentification."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1604
msgid "access_provider (string)"
msgstr "access_provider (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1607
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -2316,7 +2401,7 @@ msgstr ""
"installés). Les fournisseurs internes spécifiques sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1613
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
@@ -2325,12 +2410,12 @@ msgstr ""
"d'accès autorisé pour un domaine local."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1616
msgid "<quote>deny</quote> always deny access."
msgstr "<quote>deny</quote> toujours refuser les accès."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1591
+#: sssd.conf.5.xml:1643
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -2343,17 +2428,17 @@ msgstr ""
"d'informations sur la configuration du module d'accès simple."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1650
msgid "Default: <quote>permit</quote>"
msgstr "Par défaut : <quote>permit</quote>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1603
+#: sssd.conf.5.xml:1655
msgid "chpass_provider (string)"
msgstr "chpass_provider (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1606
+#: sssd.conf.5.xml:1658
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
@@ -2362,7 +2447,7 @@ msgstr ""
"domaine. Les fournisseurs pris en charge sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1611
+#: sssd.conf.5.xml:1663
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -2374,7 +2459,7 @@ msgstr ""
"configuration LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1671
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2386,7 +2471,7 @@ msgstr ""
"Kerberos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1696
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
@@ -2394,14 +2479,14 @@ msgstr ""
"autre cible PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1700
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
"<quote>none</quote> pour désactiver explicitement le changement de mot de "
"passe."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1651
+#: sssd.conf.5.xml:1703
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
@@ -2410,19 +2495,19 @@ msgstr ""
"peut gérer les changements de mot de passe."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1710
msgid "sudo_provider (string)"
msgstr "sudo_provider (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1661
+#: sssd.conf.5.xml:1713
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
"Le fournisseur SUDO, utilisé pour le domaine. Les fournisseurs SUDO pris en "
"charge sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1665
+#: sssd.conf.5.xml:1717
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2434,7 +2519,7 @@ msgstr ""
"LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1725
msgid ""
"<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default "
"settings."
@@ -2443,7 +2528,7 @@ msgstr ""
"par défaut pour IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1729
msgid ""
"<quote>ad</quote> the same as <quote>ldap</quote> but with AD default "
"settings."
@@ -2452,20 +2537,20 @@ msgstr ""
"par défaut pour AD."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1681
+#: sssd.conf.5.xml:1733
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr "<quote>none</quote> désactive explicitement SUDO."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1684 sssd.conf.5.xml:1762 sssd.conf.5.xml:1794
-#: sssd.conf.5.xml:1819
+#: sssd.conf.5.xml:1736 sssd.conf.5.xml:1814 sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1871
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
"Par défaut : La valeur de <quote>id_provider</quote> est utilisée si elle "
"est définie."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1688
+#: sssd.conf.5.xml:1740
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -2476,12 +2561,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1757
msgid "selinux_provider (string)"
msgstr "selinux_provider (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1760
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -2492,7 +2577,7 @@ msgstr ""
"fournisseur d'accès. Les fournisseurs selinux pris en charge sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1714
+#: sssd.conf.5.xml:1766
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2504,14 +2589,14 @@ msgstr ""
"IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1722
+#: sssd.conf.5.xml:1774
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
"<quote>none</quote> n'autorise pas la récupération explicite des paramètres "
"selinux."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1725
+#: sssd.conf.5.xml:1777
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
@@ -2520,12 +2605,12 @@ msgstr ""
"gérer le chargement selinux"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1731
+#: sssd.conf.5.xml:1783
msgid "subdomains_provider (string)"
msgstr "subdomains_provider (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1734
+#: sssd.conf.5.xml:1786
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
@@ -2535,7 +2620,7 @@ msgstr ""
"fournisseurs de sous-domaine pris en charge sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740
+#: sssd.conf.5.xml:1792
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2547,7 +2632,7 @@ msgstr ""
"IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1749
+#: sssd.conf.5.xml:1801
msgid ""
"<quote>ad</quote> to load a list of subdomains from an Active Directory "
"server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> "
@@ -2556,18 +2641,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1810
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
"<quote>none</quote> désactive la récupération explicite des sous-domaines."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1769
+#: sssd.conf.5.xml:1821
msgid "autofs_provider (string)"
msgstr "autofs_provider (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1772
+#: sssd.conf.5.xml:1824
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
@@ -2575,7 +2660,7 @@ msgstr ""
"en charge sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1828
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2587,7 +2672,7 @@ msgstr ""
"LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1783
+#: sssd.conf.5.xml:1835
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2599,17 +2684,17 @@ msgstr ""
"IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1843
msgid "<quote>none</quote> disables autofs explicitly."
msgstr "<quote>none</quote> désactive explicitement autofs."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1853
msgid "hostid_provider (string)"
msgstr "hostid_provider (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1804
+#: sssd.conf.5.xml:1856
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
@@ -2618,7 +2703,7 @@ msgstr ""
"systèmes. Les fournisseurs de hostid pris en charge sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1808
+#: sssd.conf.5.xml:1860
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2630,12 +2715,12 @@ msgstr ""
"configuration de IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1816
+#: sssd.conf.5.xml:1868
msgid "<quote>none</quote> disables hostid explicitly."
msgstr "<quote>none</quote> désactive explicitement hostid."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1829
+#: sssd.conf.5.xml:1881
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components. The \"domain\" can "
@@ -2651,7 +2736,7 @@ msgstr ""
"domaine."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1838
+#: sssd.conf.5.xml:1890
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -2664,22 +2749,22 @@ msgstr ""
"styles différents pour les noms d'utilisateurs :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1843
+#: sssd.conf.5.xml:1895
msgid "username"
msgstr "username"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1898
msgid "username@domain.name"
msgstr "username@domain.name"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1849
+#: sssd.conf.5.xml:1901
msgid "domain\\username"
msgstr "domain\\username"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1852
+#: sssd.conf.5.xml:1904
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
@@ -2689,7 +2774,7 @@ msgstr ""
"utilisateurs de domaines Windows."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1857
+#: sssd.conf.5.xml:1909
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -2700,7 +2785,7 @@ msgstr ""
"importe le domaine après »"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1863
+#: sssd.conf.5.xml:1915
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -2712,7 +2797,7 @@ msgstr ""
"prendre en charge les sous-motifs nommés multiples."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1870
+#: sssd.conf.5.xml:1922
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
@@ -2721,17 +2806,17 @@ msgstr ""
"la syntaxe Python (?P&lt;name&gt;) pour nommer les sous-motifs."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1917
+#: sssd.conf.5.xml:1969
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "Par défaut : <quote>%1$s@%2$s</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1923
+#: sssd.conf.5.xml:1975
msgid "lookup_family_order (string)"
msgstr "lookup_family_order (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1926
+#: sssd.conf.5.xml:1978
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
@@ -2740,48 +2825,48 @@ msgstr ""
"utiliser pour effectuer les requêtes DNS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1930
+#: sssd.conf.5.xml:1982
msgid "Supported values:"
msgstr "Valeurs prises en charge :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1933
+#: sssd.conf.5.xml:1985
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
"ipv4_first : essayer de chercher une adresse IPv4, et en cas d'échec, "
"essayer IPv6."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1936
+#: sssd.conf.5.xml:1988
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
"ipv4_only : ne tenter de résoudre les noms de systèmes qu'en adresses IPv4."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1939
+#: sssd.conf.5.xml:1991
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
"ipv6_first : essayer de chercher une adresse IPv6, et en cas d'échec, tenter "
"IPv4."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1942
+#: sssd.conf.5.xml:1994
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
"ipv6_only : ne tenter de résoudre les noms de systèmes qu'en adresses IPv6."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1945
+#: sssd.conf.5.xml:1997
msgid "Default: ipv4_first"
msgstr "Par défaut : ipv4_first"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1951
+#: sssd.conf.5.xml:2003
msgid "dns_resolver_timeout (integer)"
msgstr "dns_resolver_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1954
+#: sssd.conf.5.xml:2006
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -2792,18 +2877,18 @@ msgstr ""
"domaine continuera à opérer en mode déconnecté."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1960 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
-#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:239
+#: sssd.conf.5.xml:2012 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
+#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:248
msgid "Default: 6"
msgstr "Par défaut : 6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1966
+#: sssd.conf.5.xml:2018
msgid "dns_discovery_domain (string)"
msgstr "dns_discovery_domain (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1969
+#: sssd.conf.5.xml:2021
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
@@ -2812,54 +2897,54 @@ msgstr ""
"du domaine faisant partie de la requête DNS de découverte de services."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1973
+#: sssd.conf.5.xml:2025
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
"Par défaut : utiliser la partie du domaine qui est dans le nom de système de "
"la machine."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1979
+#: sssd.conf.5.xml:2031
msgid "override_gid (integer)"
msgstr "override_gid (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1982
+#: sssd.conf.5.xml:2034
msgid "Override the primary GID value with the one specified."
msgstr "Redéfinit le GID primaire avec la valeur spécifiée."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1988
+#: sssd.conf.5.xml:2040
msgid "case_sensitive (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1996
+#: sssd.conf.5.xml:2048
msgid "True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1999
+#: sssd.conf.5.xml:2051
msgid "Case sensitive. This value is invalid for AD provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2005
+#: sssd.conf.5.xml:2057
msgid "False"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2007
+#: sssd.conf.5.xml:2059
msgid "Case insensitive."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2011
+#: sssd.conf.5.xml:2063
msgid "Preserving"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2014
+#: sssd.conf.5.xml:2066
msgid ""
"Same as False (case insensitive), but does not lowercase names in the result "
"of NSS operations. Note that name aliases (and in case of services also "
@@ -2867,7 +2952,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1991
+#: sssd.conf.5.xml:2043
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider. Possible option values are: "
@@ -2875,17 +2960,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2026
+#: sssd.conf.5.xml:2078
msgid "Default: True (False for AD provider)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2032
+#: sssd.conf.5.xml:2084
msgid "proxy_fast_alias (boolean)"
msgstr "proxy_fast_alias (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2035
+#: sssd.conf.5.xml:2087
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2899,22 +2984,22 @@ msgstr ""
"afin d'améliorer les performances."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2049
+#: sssd.conf.5.xml:2101
msgid "subdomain_homedir (string)"
msgstr "subdomain_homedir (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2060
+#: sssd.conf.5.xml:2112
msgid "%F"
msgstr "%F"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2061
+#: sssd.conf.5.xml:2113
msgid "flat (NetBIOS) name of a subdomain."
msgstr "nom plat (NetBIOS) d'un sous-domaine."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2052
+#: sssd.conf.5.xml:2104
msgid ""
"Use this homedir as default value for all subdomains within this domain in "
"IPA AD trust. See <emphasis>override_homedir</emphasis> for info about "
@@ -2930,7 +3015,7 @@ msgstr ""
"\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2066
+#: sssd.conf.5.xml:2118
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
@@ -2938,17 +3023,17 @@ msgstr ""
"emphasis>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2070
+#: sssd.conf.5.xml:2122
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr "Par défaut : <filename>/home/%d/%u</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2075
+#: sssd.conf.5.xml:2127
msgid "realmd_tags (string)"
msgstr "realmd_tags (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2078
+#: sssd.conf.5.xml:2130
msgid ""
"Various tags stored by the realmd configuration service for this domain."
msgstr ""
@@ -2956,7 +3041,7 @@ msgstr ""
"ce domaine."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1092
+#: sssd.conf.5.xml:1144
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2968,17 +3053,17 @@ msgstr ""
"id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2091
+#: sssd.conf.5.xml:2143
msgid "proxy_pam_target (string)"
msgstr "proxy_pam_target (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2094
+#: sssd.conf.5.xml:2146
msgid "The proxy target PAM proxies to."
msgstr "Le proxy cible duquel PAM devient mandataire."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2097
+#: sssd.conf.5.xml:2149
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
@@ -2987,12 +3072,12 @@ msgstr ""
"ou en créer une nouvelle et ajouter le nom de service ici."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2105
+#: sssd.conf.5.xml:2157
msgid "proxy_lib_name (string)"
msgstr "proxy_lib_name (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2108
+#: sssd.conf.5.xml:2160
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -3003,7 +3088,7 @@ msgstr ""
"$(libName)_$(function), par exemple _nss_files_getpwent."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2087
+#: sssd.conf.5.xml:2139
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
@@ -3012,12 +3097,12 @@ msgstr ""
"id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:2120
+#: sssd.conf.5.xml:2172
msgid "The local domain section"
msgstr "La section du domaine local"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:2122
+#: sssd.conf.5.xml:2174
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -3028,29 +3113,29 @@ msgstr ""
"dire un domaine qui utilise <replaceable>id_provider=local</replaceable>."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2129
+#: sssd.conf.5.xml:2181
msgid "default_shell (string)"
msgstr "default_shell (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2132
+#: sssd.conf.5.xml:2184
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
"L'interpréteur de commandes par défaut pour les utilisateurs créés avec les "
"outils en espace utilisateur SSSD."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2136
+#: sssd.conf.5.xml:2188
msgid "Default: <filename>/bin/bash</filename>"
msgstr "Par défaut : <filename>/bin/bash</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2141
+#: sssd.conf.5.xml:2193
msgid "base_directory (string)"
msgstr "base_directory (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2144
+#: sssd.conf.5.xml:2196
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
@@ -3059,17 +3144,17 @@ msgstr ""
"replaceable> et l'utilisent comme dossier personnel."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2149
+#: sssd.conf.5.xml:2201
msgid "Default: <filename>/home</filename>"
msgstr "Par défaut : <filename>/home</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2154
+#: sssd.conf.5.xml:2206
msgid "create_homedir (bool)"
msgstr "create_homedir (booléen)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2157
+#: sssd.conf.5.xml:2209
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
@@ -3078,17 +3163,17 @@ msgstr ""
"utilisateurs. Peut être outrepassé par la ligne de commande."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2173
+#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2225
msgid "Default: TRUE"
msgstr "Par défaut : TRUE"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2166
+#: sssd.conf.5.xml:2218
msgid "remove_homedir (bool)"
msgstr "remove_homedir (booléen)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2169
+#: sssd.conf.5.xml:2221
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
@@ -3097,12 +3182,12 @@ msgstr ""
"suppression des utilisateurs. Peut être outrepassé par la ligne de commande."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2178
+#: sssd.conf.5.xml:2230
msgid "homedir_umask (integer)"
msgstr "homedir_umask (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2181
+#: sssd.conf.5.xml:2233
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -3113,17 +3198,17 @@ msgstr ""
"défaut sur un répertoire personnel nouvellement créé."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2189
+#: sssd.conf.5.xml:2241
msgid "Default: 077"
msgstr "Par défaut : 077"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2194
+#: sssd.conf.5.xml:2246
msgid "skel_dir (string)"
msgstr "skel_dir (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2197
+#: sssd.conf.5.xml:2249
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -3136,17 +3221,17 @@ msgstr ""
"manvolnum> </citerefentry>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2207
+#: sssd.conf.5.xml:2259
msgid "Default: <filename>/etc/skel</filename>"
msgstr "Par défaut : <filename>/etc/skel</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2212
+#: sssd.conf.5.xml:2264
msgid "mail_dir (string)"
msgstr "mail_dir (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2215
+#: sssd.conf.5.xml:2267
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -3157,17 +3242,17 @@ msgstr ""
"précisé, la valeur par défaut est utilisée."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2222
+#: sssd.conf.5.xml:2274
msgid "Default: <filename>/var/mail</filename>"
msgstr "Par défaut : <filename>/var/mail</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2227
+#: sssd.conf.5.xml:2279
msgid "userdel_cmd (string)"
msgstr "userdel_cmd (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2230
+#: sssd.conf.5.xml:2282
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -3178,19 +3263,19 @@ msgstr ""
"code en retour de la commande n'est pas pris en compte."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2236
+#: sssd.conf.5.xml:2288
msgid "Default: None, no command is run"
msgstr "Par défaut : None, aucune commande lancée"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:2246 sssd-ldap.5.xml:2518 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:519
+#: sssd.conf.5.xml:2298 sssd-ldap.5.xml:2569 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:564
#: sss_rpcidmapd.5.xml:98
msgid "EXAMPLE"
msgstr "EXEMPLE"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:2252
+#: sssd.conf.5.xml:2304
#, no-wrap
msgid ""
"[sssd]\n"
@@ -3244,7 +3329,7 @@ msgstr ""
"enumerate = False\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2248
+#: sssd.conf.5.xml:2300
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -4238,7 +4323,7 @@ msgstr "L'attribut LDAP correspondant au nom complet de l'utilisateur."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:738 sssd-ldap.5.xml:831 sssd-ldap.5.xml:1058
-#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2102 sssd-ldap.5.xml:2441
+#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2153 sssd-ldap.5.xml:2492
#: sssd-ipa.5.xml:591
msgid "Default: cn"
msgstr "Par défaut : cn"
@@ -4570,11 +4655,6 @@ msgstr ""
"souvent lors de l'utilisation de groupes profondément imbriqués ou "
"complexes)."
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1017
-msgid "ldap_use_tokengroups"
-msgstr "ldap_use_tokengroups"
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1020
msgid ""
@@ -4845,7 +4925,7 @@ msgstr ""
"courte des deux valeurs entre celle-ci et la durée de vie TGT sera utilisée."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2259
+#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2310
msgid "Default: 900 (15 minutes)"
msgstr "Par défaut : 900 (15 minutes)"
@@ -5409,7 +5489,7 @@ msgstr ""
"filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:453
+#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:462
msgid "krb5_canonicalize (boolean)"
msgstr "krb5_canonicalize (booléen)"
@@ -5424,12 +5504,12 @@ msgstr ""
"Kerberos > = 1.7"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:468
+#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:477
msgid "krb5_use_kdcinfo (boolean)"
msgstr "krb5_use_kdcinfo (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:471
+#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:480
msgid ""
"Specifies if the SSSD should instruct the Kerberos libraries what realm and "
"which KDCs to use. This option is on by default, if you disable it, you need "
@@ -5444,7 +5524,7 @@ msgstr ""
"<manvolnum>5</manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:482
+#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:491
msgid ""
"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
@@ -5777,11 +5857,64 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1958
+msgid ""
+"<emphasis> Please note that this option is superseded by the <quote>ppolicy</"
+"quote> option and might be removed in a future release. </emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1965
+msgid ""
+"<emphasis>ppolicy</emphasis>: use account locking. If set, this option "
+"denies access in case that ldap attribute 'pwdAccountLockedTime' is present "
+"and has value of '000001010000Z' or represents any time in the past. The "
+"value of the 'pwdAccountLockedTime' attribute must end with 'Z', which "
+"denotes the UTC time zone. Other time zones are not currently supported and "
+"will result in \"access-denied\" when users attempt to log in. Please see "
+"the option ldap_pwdlockout_dn. Please note that 'access_provider = ldap' "
+"must be set for this feature to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1982
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr "<emphasis>expire</emphasis>: utiliser ldap_account_expire_policy"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1962
+#: sssd-ldap.5.xml:1986
+msgid ""
+"<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, "
+"pwd_expire_policy_renew: </emphasis> These options are useful if users are "
+"interested in being warned that password is about to expire and "
+"authentication is based on using a different method than passwords - for "
+"example SSH keys."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1996
+msgid ""
+"The difference between these options is the action taken if user password is "
+"expired: pwd_expire_policy_reject - user is denied to log in, "
+"pwd_expire_policy_warn - user is still able to log in, "
+"pwd_expire_policy_renew - user is prompted to change his password "
+"immediately."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2004
+msgid ""
+"Note If user password is expired no explicit message is prompted by SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2008
+msgid ""
+"Please note that 'access_provider = ldap' must be set for this feature to "
+"work. Also 'ldap_pwd_policy' must be set to an appropriate password policy."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2013
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
@@ -5790,18 +5923,18 @@ msgstr ""
"authorizedService pour déterminer l'accès"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2018
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
"<emphasis>host</emphasis> : utilise l'attribut host pour déterminer l'accès"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1971
+#: sssd-ldap.5.xml:2022
msgid "Default: filter"
msgstr "Par défaut : filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1974
+#: sssd-ldap.5.xml:2025
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
@@ -5810,12 +5943,12 @@ msgstr ""
"de configuration."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1981
+#: sssd-ldap.5.xml:2032
msgid "ldap_pwdlockout_dn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2035
msgid ""
"This option specifies the DN of password policy entry on LDAP server. Please "
"note that absence of this option in sssd.conf in case of enabled account "
@@ -5824,22 +5957,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1992
+#: sssd-ldap.5.xml:2043
msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1995
+#: sssd-ldap.5.xml:2046
msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2001
+#: sssd-ldap.5.xml:2052
msgid "ldap_deref (string)"
msgstr "ldap_deref (chaînes)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2004
+#: sssd-ldap.5.xml:2055
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
@@ -5848,12 +5981,12 @@ msgstr ""
"recherche. Les options suivantes sont autorisées :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2009
+#: sssd-ldap.5.xml:2060
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr "<emphasis>never</emphasis> : les alias ne sont jamais déréférencés."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013
+#: sssd-ldap.5.xml:2064
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
@@ -5863,7 +5996,7 @@ msgstr ""
"recherche."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018
+#: sssd-ldap.5.xml:2069
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
@@ -5872,7 +6005,7 @@ msgstr ""
"la localisation de l'objet de base de la recherche."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2023
+#: sssd-ldap.5.xml:2074
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
@@ -5881,7 +6014,7 @@ msgstr ""
"recherche et et la localisation de l'objet de base de la recherche."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2028
+#: sssd-ldap.5.xml:2079
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
@@ -5890,12 +6023,12 @@ msgstr ""
"bibliothèques clientes LDAP)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2036
+#: sssd-ldap.5.xml:2087
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr "ldap_rfc2307_fallback_to_local_users (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2039
+#: sssd-ldap.5.xml:2090
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
@@ -5904,7 +6037,7 @@ msgstr ""
"LDAP pour les serveurs qui utilisent le schéma RFC2307."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2094
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -5922,7 +6055,7 @@ msgstr ""
"initgoups()."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2054
+#: sssd-ldap.5.xml:2105
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -5948,12 +6081,12 @@ msgstr ""
"détails. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2070
+#: sssd-ldap.5.xml:2121
msgid "SUDO OPTIONS"
msgstr "OPTIONS DE SUDO"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2123
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -5961,52 +6094,52 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2083
+#: sssd-ldap.5.xml:2134
msgid "ldap_sudorule_object_class (string)"
msgstr "ldap_sudorule_object_class (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2086
+#: sssd-ldap.5.xml:2137
msgid "The object class of a sudo rule entry in LDAP."
msgstr "La classe d'objet d'une entrée de règle de sudo dans LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2089
+#: sssd-ldap.5.xml:2140
msgid "Default: sudoRole"
msgstr "Par défaut : sudoRole"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2095
+#: sssd-ldap.5.xml:2146
msgid "ldap_sudorule_name (string)"
msgstr "ldap_sudorule_name (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2098
+#: sssd-ldap.5.xml:2149
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr "L'attribut LDAP qui correspond au nom de la règle de sudo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2108
+#: sssd-ldap.5.xml:2159
msgid "ldap_sudorule_command (string)"
msgstr "ldap_sudorule_command (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2111
+#: sssd-ldap.5.xml:2162
msgid "The LDAP attribute that corresponds to the command name."
msgstr "L'attribut LDAP qui correspond au nom de la commande."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2166
msgid "Default: sudoCommand"
msgstr "Par défaut : sudoCommand"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2172
msgid "ldap_sudorule_host (string)"
msgstr "ldap_sudorule_host (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2124
+#: sssd-ldap.5.xml:2175
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
@@ -6015,17 +6148,17 @@ msgstr ""
"réseau IP de l'hôte ou netgroup de l'hôte)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2129
+#: sssd-ldap.5.xml:2180
msgid "Default: sudoHost"
msgstr "Par défaut : sudoHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2186
msgid "ldap_sudorule_user (string)"
msgstr "ldap_sudorule_user (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2138
+#: sssd-ldap.5.xml:2189
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
@@ -6034,32 +6167,32 @@ msgstr ""
"groupe ou netgroup de l'utilisateur)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2193
msgid "Default: sudoUser"
msgstr "Par défaut : sudoUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2148
+#: sssd-ldap.5.xml:2199
msgid "ldap_sudorule_option (string)"
msgstr "ldap_sudorule_option (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2202
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr "L'attribut LDAP qui correspond aux options sudo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2155
+#: sssd-ldap.5.xml:2206
msgid "Default: sudoOption"
msgstr "Par défaut : sudoOption"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2161
+#: sssd-ldap.5.xml:2212
msgid "ldap_sudorule_runasuser (string)"
msgstr "ldap_sudorule_runasuser (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2215
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
@@ -6068,17 +6201,17 @@ msgstr ""
"nom d'utilisateur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2168
+#: sssd-ldap.5.xml:2219
msgid "Default: sudoRunAsUser"
msgstr "Par défaut : sudoRunAsUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2174
+#: sssd-ldap.5.xml:2225
msgid "ldap_sudorule_runasgroup (string)"
msgstr "ldap_sudorule_runasgroup (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2228
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
@@ -6087,17 +6220,17 @@ msgstr ""
"les commandes seront être exécutées."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2181
+#: sssd-ldap.5.xml:2232
msgid "Default: sudoRunAsGroup"
msgstr "Par défaut : sudoRunAsGroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2187
+#: sssd-ldap.5.xml:2238
msgid "ldap_sudorule_notbefore (string)"
msgstr "ldap_sudorule_notbefore (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2241
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
@@ -6106,17 +6239,17 @@ msgstr ""
"règle sudo est valide."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194
+#: sssd-ldap.5.xml:2245
msgid "Default: sudoNotBefore"
msgstr "Par défaut : sudoNotBefore"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2200
+#: sssd-ldap.5.xml:2251
msgid "ldap_sudorule_notafter (string)"
msgstr "ldap_sudorule_notafter (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2203
+#: sssd-ldap.5.xml:2254
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
@@ -6125,32 +6258,32 @@ msgstr ""
"règle sudo ne sera plus valide."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2259
msgid "Default: sudoNotAfter"
msgstr "Par défaut : sudoNotAfter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2214
+#: sssd-ldap.5.xml:2265
msgid "ldap_sudorule_order (string)"
msgstr "ldap_sudorule_order (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2217
+#: sssd-ldap.5.xml:2268
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr "L'attribut LDAP qui correspond à l'index de tri de la règle."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2221
+#: sssd-ldap.5.xml:2272
msgid "Default: sudoOrder"
msgstr "Par défaut : sudoOrder"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2227
+#: sssd-ldap.5.xml:2278
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr "ldap_sudo_full_refresh_interval (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2230
+#: sssd-ldap.5.xml:2281
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
@@ -6160,7 +6293,7 @@ msgstr ""
"règles qui sont stockées sur le serveur)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2235
+#: sssd-ldap.5.xml:2286
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
@@ -6169,17 +6302,17 @@ msgstr ""
"emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2240
+#: sssd-ldap.5.xml:2291
msgid "Default: 21600 (6 hours)"
msgstr "Par défaut : 21600 (6 heures)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2246
+#: sssd-ldap.5.xml:2297
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr "ldap_sudo_smart_refresh_interval (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2249
+#: sssd-ldap.5.xml:2300
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -6191,7 +6324,7 @@ msgstr ""
"cache)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2255
+#: sssd-ldap.5.xml:2306
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
@@ -6200,12 +6333,12 @@ msgstr ""
"modifyTimestamp est utilisé à la place."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2265
+#: sssd-ldap.5.xml:2316
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr "ldap_sudo_use_host_filter (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2268
+#: sssd-ldap.5.xml:2319
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
@@ -6215,12 +6348,12 @@ msgstr ""
"noms de systèmes)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2279
+#: sssd-ldap.5.xml:2330
msgid "ldap_sudo_hostnames (string)"
msgstr "ldap_sudo_hostnames (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2333
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
@@ -6229,7 +6362,7 @@ msgstr ""
"doivent être utilisés pour filtrer les règles."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2287
+#: sssd-ldap.5.xml:2338
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
@@ -6238,8 +6371,8 @@ msgstr ""
"nom de système et le nom de domaine pleinement qualifié."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2292 sssd-ldap.5.xml:2315 sssd-ldap.5.xml:2333
-#: sssd-ldap.5.xml:2351
+#: sssd-ldap.5.xml:2343 sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2402
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
@@ -6248,17 +6381,17 @@ msgstr ""
"emphasis>, alors cette option n'a aucun effet."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2320
+#: sssd-ldap.5.xml:2348 sssd-ldap.5.xml:2371
msgid "Default: not specified"
msgstr "Par défaut : non spécifié"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2303
+#: sssd-ldap.5.xml:2354
msgid "ldap_sudo_ip (string)"
msgstr "ldap_sudo_ip (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2306
+#: sssd-ldap.5.xml:2357
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
@@ -6267,7 +6400,7 @@ msgstr ""
"IPv6 qui doivent être utilisés pour filtrer les règles."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2311
+#: sssd-ldap.5.xml:2362
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
@@ -6276,12 +6409,12 @@ msgstr ""
"automatiquement."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2326
+#: sssd-ldap.5.xml:2377
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr "ldap_sudo_include_netgroups (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2329
+#: sssd-ldap.5.xml:2380
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
@@ -6290,12 +6423,12 @@ msgstr ""
"netgroup dans l'attribut sudoHost."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2344
+#: sssd-ldap.5.xml:2395
msgid "ldap_sudo_include_regexp (boolean)"
msgstr "ldap_sudo_include_regexp (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2347
+#: sssd-ldap.5.xml:2398
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
@@ -6304,7 +6437,7 @@ msgstr ""
"un joker dans l'attribut sudoHost."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2363
+#: sssd-ldap.5.xml:2414
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -6317,12 +6450,12 @@ msgstr ""
"manvolnum></citerefentry>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2373
+#: sssd-ldap.5.xml:2424
msgid "AUTOFS OPTIONS"
msgstr "OPTIONS AUTOFS"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2375
+#: sssd-ldap.5.xml:2426
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
@@ -6331,63 +6464,63 @@ msgstr ""
"qui est RFC2307."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2381
+#: sssd-ldap.5.xml:2432
msgid "ldap_autofs_map_master_name (string)"
msgstr "ldap_autofs_map_master_name (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2435
msgid "The name of the automount master map in LDAP."
msgstr "Le nom de la table de montage automatique maîtresse dans LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2387
+#: sssd-ldap.5.xml:2438
msgid "Default: auto.master"
msgstr "Par défaut : auto.master"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2394
+#: sssd-ldap.5.xml:2445
msgid "ldap_autofs_map_object_class (string)"
msgstr "ldap_autofs_map_object_class (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2397 sssd-ldap.5.xml:2423
+#: sssd-ldap.5.xml:2448 sssd-ldap.5.xml:2474
msgid "The object class of an automount map entry in LDAP."
msgstr ""
"La classe d'objet d'une entrée de table de montage automatique dans LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2400 sssd-ldap.5.xml:2427
+#: sssd-ldap.5.xml:2451 sssd-ldap.5.xml:2478
msgid "Default: automountMap"
msgstr "Par défaut : automountMap"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2407
+#: sssd-ldap.5.xml:2458
msgid "ldap_autofs_map_name (string)"
msgstr "ldap_autofs_map_name (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2410
+#: sssd-ldap.5.xml:2461
msgid "The name of an automount map entry in LDAP."
msgstr "Le nom d'une entrée de table de montage automatique dans LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2413
+#: sssd-ldap.5.xml:2464
msgid "Default: ou"
msgstr "Par défaut : ou"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2420
+#: sssd-ldap.5.xml:2471
msgid "ldap_autofs_entry_object_class (string)"
msgstr "ldap_autofs_entry_object_class (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2434
+#: sssd-ldap.5.xml:2485
msgid "ldap_autofs_entry_key (string)"
msgstr "ldap_autofs_entry_key (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2437 sssd-ldap.5.xml:2451
+#: sssd-ldap.5.xml:2488 sssd-ldap.5.xml:2502
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
@@ -6396,17 +6529,17 @@ msgstr ""
"généralement à un point de montage."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2448
+#: sssd-ldap.5.xml:2499
msgid "ldap_autofs_entry_value (string)"
msgstr "ldap_autofs_entry_value (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2455
+#: sssd-ldap.5.xml:2506
msgid "Default: automountInformation"
msgstr "Par défaut : automountInformation"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2379
+#: sssd-ldap.5.xml:2430
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -6419,32 +6552,32 @@ msgstr ""
"\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2465
+#: sssd-ldap.5.xml:2516
msgid "ADVANCED OPTIONS"
msgstr "OPTIONS AVANCÉES"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2472
+#: sssd-ldap.5.xml:2523
msgid "ldap_netgroup_search_base (string)"
msgstr "ldap_netgroup_search_base (chaînes)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2477
+#: sssd-ldap.5.xml:2528
msgid "ldap_user_search_base (string)"
msgstr "ldap_user_search_base (chaînes)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2482
+#: sssd-ldap.5.xml:2533
msgid "ldap_group_search_base (string)"
msgstr "ldap_group_search_base (chaînes)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note>
-#: sssd-ldap.5.xml:2487
+#: sssd-ldap.5.xml:2538
msgid "<note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para>
-#: sssd-ldap.5.xml:2489
+#: sssd-ldap.5.xml:2540
msgid ""
"If the option <quote>ldap_use_tokengroups</quote> is enabled. The searches "
"against Active Directory will not be restricted and return all groups "
@@ -6453,22 +6586,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist>
-#: sssd-ldap.5.xml:2496
+#: sssd-ldap.5.xml:2547
msgid "</note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2498
+#: sssd-ldap.5.xml:2549
msgid "ldap_sudo_search_base (string)"
msgstr "ldap_sudo_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2503
+#: sssd-ldap.5.xml:2554
msgid "ldap_autofs_search_base (string)"
msgstr "ldap_autofs_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2467
+#: sssd-ldap.5.xml:2518
#, fuzzy
#| msgid ""
#| "These options are supported by LDAP domains, but they should be used with "
@@ -6486,7 +6619,7 @@ msgstr ""
"\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2520
+#: sssd-ldap.5.xml:2571
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -6497,7 +6630,7 @@ msgstr ""
"replaceable>."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2526
+#: sssd-ldap.5.xml:2577
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -6517,19 +6650,19 @@ msgstr ""
" cache_credentials = true\n"
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2525 sssd-ldap.5.xml:2543 sssd-simple.5.xml:139
+#: sssd-ldap.5.xml:2576 sssd-ldap.5.xml:2594 sssd-simple.5.xml:139
#: sssd-ipa.5.xml:726 sssd-ad.5.xml:851 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98
-#: sssd-krb5.5.xml:528 include/ldap_id_mapping.xml:105
+#: sssd-krb5.5.xml:573 include/ldap_id_mapping.xml:105
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "<placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2537
+#: sssd-ldap.5.xml:2588
msgid "LDAP ACCESS FILTER EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2539
+#: sssd-ldap.5.xml:2590
#, fuzzy
#| msgid ""
#| "The following example assumes that SSSD is correctly configured and LDAP "
@@ -6544,7 +6677,7 @@ msgstr ""
"replaceable>."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2544
+#: sssd-ldap.5.xml:2595
#, fuzzy, no-wrap
#| msgid ""
#| " [domain/LDAP]\n"
@@ -6575,13 +6708,13 @@ msgstr ""
" cache_credentials = true\n"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2559 sssd_krb5_locator_plugin.8.xml:61
+#: sssd-ldap.5.xml:2610 sssd_krb5_locator_plugin.8.xml:61
#: sssd-simple.5.xml:148 sssd-ad.5.xml:866 sssd.8.xml:195 sss_seed.8.xml:163
msgid "NOTES"
msgstr "NOTES"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2561
+#: sssd-ldap.5.xml:2612
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -7542,7 +7675,7 @@ msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:245
+#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:254
msgid "krb5_validate (boolean)"
msgstr "krb5_validate (booléen)"
@@ -7592,12 +7725,12 @@ msgstr ""
"Cette fonctionnalité est disponible avec MIT Kerberos > = 1.7"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:407
+#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:416
msgid "krb5_use_fast (string)"
msgstr "krb5_use_fast (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:410
+#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:419
msgid ""
"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
"authentication. The following options are supported:"
@@ -7619,7 +7752,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:424
+#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:433
msgid ""
"<emphasis>demand</emphasis> to use FAST. The authentication fails if the "
"server does not require fast."
@@ -7633,7 +7766,7 @@ msgid "Default: try"
msgstr "Par défaut : try"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:435
+#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:444
msgid ""
"NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If "
"SSSD is used with an older version of MIT Kerberos, using this option is a "
@@ -8829,12 +8962,12 @@ msgid "Default: True"
msgstr "Par défaut : True"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:797 sssd-krb5.5.xml:496
+#: sssd-ad.5.xml:797 sssd-krb5.5.xml:505
msgid "krb5_use_enterprise_principal (boolean)"
msgstr "krb5_use_enterprise_principal (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:800 sssd-krb5.5.xml:499
+#: sssd-ad.5.xml:800 sssd-krb5.5.xml:508
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
@@ -10010,16 +10143,32 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:225
+#, fuzzy
+#| msgid ""
+#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the "
+#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+#| "manvolnum> </citerefentry> manual page for more details."
+msgid ""
+"NOTE: Please be aware that libkrb5 ccache expansion template from "
+"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> uses different expansion sequences than SSSD."
+msgstr ""
+"Se reporter au paramètre <quote>dns_discovery_domain</quote> dans la page de "
+"manuel <citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry> pour plus de détails."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:234
msgid "Default: (from libkrb5)"
msgstr "Par défaut : (valeur provenant de libkrb5)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:231
+#: sssd-krb5.5.xml:240
msgid "krb5_auth_timeout (integer)"
msgstr "krb5_auth_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:234
+#: sssd-krb5.5.xml:243
msgid ""
"Timeout in seconds after an online authentication request or change password "
"request is aborted. If possible, the authentication request is continued "
@@ -10030,7 +10179,7 @@ msgstr ""
"d'authentification sera effectuée hors-ligne si cela est possible."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:248
+#: sssd-krb5.5.xml:257
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed. The keytab is checked for entries sequentially, and the first entry "
@@ -10049,12 +10198,12 @@ msgstr ""
"keytab."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:263
+#: sssd-krb5.5.xml:272
msgid "krb5_keytab (string)"
msgstr "krb5_keytab (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:275
msgid ""
"The location of the keytab to use when validating credentials obtained from "
"KDCs."
@@ -10063,17 +10212,17 @@ msgstr ""
"d'identification obtenues à partir de KDC."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:270
+#: sssd-krb5.5.xml:279
msgid "Default: /etc/krb5.keytab"
msgstr "Par défaut : /etc/krb5.keytab"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:276
+#: sssd-krb5.5.xml:285
msgid "krb5_store_password_if_offline (boolean)"
msgstr "krb5_store_password_if_offline (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:279
+#: sssd-krb5.5.xml:288
msgid ""
"Store the password of the user if the provider is offline and use it to "
"request a TGT when the provider comes online again."
@@ -10083,7 +10232,7 @@ msgstr ""
"disponible en ligne."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:284
+#: sssd-krb5.5.xml:293
msgid ""
"NOTE: this feature is only available on Linux. Passwords stored in this way "
"are kept in plaintext in the kernel keyring and are potentially accessible "
@@ -10095,12 +10244,12 @@ msgstr ""
"accessibles à l'utilisateur root (avec difficulté)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:297
+#: sssd-krb5.5.xml:306
msgid "krb5_renewable_lifetime (string)"
msgstr "krb5_renewable_lifetime (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:300
+#: sssd-krb5.5.xml:309
msgid ""
"Request a renewable ticket with a total lifetime, given as an integer "
"immediately followed by a time unit:"
@@ -10109,32 +10258,32 @@ msgstr ""
"entier immédiatement suivi par une unité de temps :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:305 sssd-krb5.5.xml:339 sssd-krb5.5.xml:376
+#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
msgid "<emphasis>s</emphasis> for seconds"
msgstr "<emphasis>s</emphasis> pour secondes"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:308 sssd-krb5.5.xml:342 sssd-krb5.5.xml:379
+#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:351 sssd-krb5.5.xml:388
msgid "<emphasis>m</emphasis> for minutes"
msgstr "<emphasis>m</emphasis> pour minutes"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:311 sssd-krb5.5.xml:345 sssd-krb5.5.xml:382
+#: sssd-krb5.5.xml:320 sssd-krb5.5.xml:354 sssd-krb5.5.xml:391
msgid "<emphasis>h</emphasis> for hours"
msgstr "<emphasis>h</emphasis> pour heures"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
+#: sssd-krb5.5.xml:323 sssd-krb5.5.xml:357 sssd-krb5.5.xml:394
msgid "<emphasis>d</emphasis> for days."
msgstr "<emphasis>d</emphasis> pour jours."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:388
+#: sssd-krb5.5.xml:326 sssd-krb5.5.xml:397
msgid "If there is no unit given, <emphasis>s</emphasis> is assumed."
msgstr "Si aucune unité n'est spécifiée, <emphasis>s</emphasis> est utilisé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:321 sssd-krb5.5.xml:392
+#: sssd-krb5.5.xml:330 sssd-krb5.5.xml:401
msgid ""
"NOTE: It is not possible to mix units. To set the renewable lifetime to one "
"and a half hours, use '90m' instead of '1h30m'."
@@ -10144,18 +10293,18 @@ msgstr ""
"de « 1h30m »."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:326
+#: sssd-krb5.5.xml:335
msgid "Default: not set, i.e. the TGT is not renewable"
msgstr ""
"Par défaut : non défini, c'est-à-dire que le TGT n'est pas renouvelable"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:332
+#: sssd-krb5.5.xml:341
msgid "krb5_lifetime (string)"
msgstr "krb5_lifetime (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:335
+#: sssd-krb5.5.xml:344
msgid ""
"Request ticket with a lifetime, given as an integer immediately followed by "
"a time unit:"
@@ -10164,12 +10313,12 @@ msgstr ""
"suivi par une unité de temps :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:351
+#: sssd-krb5.5.xml:360
msgid "If there is no unit given <emphasis>s</emphasis> is assumed."
msgstr "Si aucune unité n'est spécifiée, <emphasis>s</emphasis> est utilisé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:355
+#: sssd-krb5.5.xml:364
msgid ""
"NOTE: It is not possible to mix units. To set the lifetime to one and a "
"half hours please use '90m' instead of '1h30m'."
@@ -10178,7 +10327,7 @@ msgstr ""
"de vie de une heure et trente minutes, utiliser « 90m » au lieu de « 1h30m »."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:360
+#: sssd-krb5.5.xml:369
msgid ""
"Default: not set, i.e. the default ticket lifetime configured on the KDC."
msgstr ""
@@ -10186,12 +10335,12 @@ msgstr ""
"dans le KDC."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:367
+#: sssd-krb5.5.xml:376
msgid "krb5_renew_interval (string)"
msgstr "krb5_renew_interval (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:370
+#: sssd-krb5.5.xml:379
msgid ""
"The time in seconds between two checks if the TGT should be renewed. TGTs "
"are renewed if about half of their lifetime is exceeded, given as an integer "
@@ -10203,14 +10352,14 @@ msgstr ""
"de temps :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:397
+#: sssd-krb5.5.xml:406
msgid "If this option is not set or is 0 the automatic renewal is disabled."
msgstr ""
"Si cette option n'est pas définie ou définie à 0, le renouvellement "
"automatique est désactivé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:415
+#: sssd-krb5.5.xml:424
msgid ""
"<emphasis>never</emphasis> use FAST. This is equivalent to not setting this "
"option at all."
@@ -10219,7 +10368,7 @@ msgstr ""
"cette option."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:419
+#: sssd-krb5.5.xml:428
msgid ""
"<emphasis>try</emphasis> to use FAST. If the server does not support FAST, "
"continue the authentication without it."
@@ -10228,27 +10377,27 @@ msgstr ""
"charge FAST, continuer l'authentification sans."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:429
+#: sssd-krb5.5.xml:438
msgid "Default: not set, i.e. FAST is not used."
msgstr "Par défaut : non défini, i.e. FAST n'est pas utilisé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:432
+#: sssd-krb5.5.xml:441
msgid "NOTE: a keytab is required to use FAST."
msgstr "NOTE : un fichier keytab est requis pour utiliser FAST."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:444
+#: sssd-krb5.5.xml:453
msgid "krb5_fast_principal (string)"
msgstr "krb5_fast_principal (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:447
+#: sssd-krb5.5.xml:456
msgid "Specifies the server principal to use for FAST."
msgstr "Spécifie le principal de serveur afin d'utiliser FAST."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:456
+#: sssd-krb5.5.xml:465
msgid ""
"Specifies if the host and user principal should be canonicalized. This "
"feature is available with MIT Kerberos 1.7 and later versions."
@@ -10258,10 +10407,45 @@ msgstr ""
"et versions suivantes."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:505
+#: sssd-krb5.5.xml:514
msgid "Default: false (AD provider: true)"
msgstr "Par défaut : false (AD provider : true)"
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:520
+#, fuzzy
+#| msgid "krb5_use_fast (string)"
+msgid "krb5_map_user (string)"
+msgstr "krb5_use_fast (chaîne)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:523
+msgid ""
+"The list of mappings is given as a comma-separated list of pairs "
+"<quote>username:primary</quote> where <quote>username</quote> is a UNIX user "
+"name and <quote>primary</quote> is a user part of a kerberos principal. This "
+"mapping is used when user is authenticating using <quote>auth_provider = "
+"krb5</quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-krb5.5.xml:535
+#, no-wrap
+msgid ""
+"krb5_realm = REALM\n"
+"krb5_map_user = joe:juser,dick:richard\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:540
+msgid ""
+"<quote>joe</quote> and <quote>dick</quote> are UNIX user names and "
+"<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos "
+"principals. For user <quote>joe</quote> resp. <quote>dick</quote> SSSD will "
+"try to kinit as <quote>juser@REALM</quote> resp. <quote>richard@REALM</"
+"quote>."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:65
msgid ""
@@ -10279,7 +10463,7 @@ msgstr ""
"\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:521
+#: sssd-krb5.5.xml:566
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -10292,7 +10476,7 @@ msgstr ""
"et n'inclut aucun fournisseur d'identité."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:529
+#: sssd-krb5.5.xml:574
#, no-wrap
msgid ""
" [domain/FOO]\n"
@@ -12606,3 +12790,8 @@ msgstr "Par défaut : /home"
#~ msgid "Add microseconds to the timestamp in debug messages"
#~ msgstr ""
#~ "Ajouter les microsecondes à l'horodatage dans les messages de débogage"
+
+#~ msgid "Currently only refreshing expired netgroups is supported."
+#~ msgstr ""
+#~ "Actuellement, seul le rafraichissement des netgroups expirés est pris en "
+#~ "charge."
diff --git a/src/man/po/ja.po b/src/man/po/ja.po
index decb0058f..a317be06d 100644
--- a/src/man/po/ja.po
+++ b/src/man/po/ja.po
@@ -10,7 +10,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sssd-docs 1.12.2\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2015-02-18 16:52+0100\n"
+"POT-Creation-Date: 2015-06-12 10:36+0200\n"
"PO-Revision-Date: 2014-06-04 02:04-0400\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Japanese (http://www.transifex.com/projects/p/sssd/language/"
@@ -20,7 +20,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=1; plural=0;\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#. type: Content of: <reference><title>
#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5
@@ -255,11 +255,11 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:81 sssd.conf.5.xml:571 sssd.conf.5.xml:1014
+#: sssd.conf.5.xml:81 sssd.conf.5.xml:602 sssd.conf.5.xml:1066
#: sssd-ldap.5.xml:1625 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1784
-#: sssd-ldap.5.xml:2273 sssd-ldap.5.xml:2338 sssd-ldap.5.xml:2356
+#: sssd-ldap.5.xml:2324 sssd-ldap.5.xml:2389 sssd-ldap.5.xml:2407
#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:413 sssd-ad.5.xml:166 sssd-ad.5.xml:264
-#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:490
+#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:499
msgid "Default: true"
msgstr "初期値: true"
@@ -276,16 +276,16 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:94 sssd.conf.5.xml:968 sssd.conf.5.xml:2043
+#: sssd.conf.5.xml:94 sssd.conf.5.xml:1020 sssd.conf.5.xml:2095
#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1499 sssd-ldap.5.xml:1518
-#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2060 sssd-ipa.5.xml:139
-#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:257
-#: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462
+#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2111 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471
msgid "Default: false"
msgstr "初期値: false"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2081
+#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2132
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr "<placeholder type=\"variablelist\" id=\"0\"/>"
@@ -322,7 +322,7 @@ msgid "The [sssd] section"
msgstr "[sssd] セクション"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:137 sssd.conf.5.xml:2127
+#: sssd.conf.5.xml:137 sssd.conf.5.xml:2179
msgid "Section parameters"
msgstr "セクションのパラメーター"
@@ -406,7 +406,7 @@ msgstr ""
"名は ASCII 英数字、ダッシュ (-) およびアンダースコア (_) のみを使用できます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:193 sssd.conf.5.xml:1826
+#: sssd.conf.5.xml:193 sssd.conf.5.xml:1878
msgid "re_expression (string)"
msgstr "re_expression (文字列)"
@@ -426,12 +426,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:210 sssd.conf.5.xml:1877
+#: sssd.conf.5.xml:210 sssd.conf.5.xml:1929
msgid "full_name_format (string)"
msgstr "full_name_format (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:213 sssd.conf.5.xml:1880
+#: sssd.conf.5.xml:213 sssd.conf.5.xml:1932
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to compose a "
@@ -442,39 +442,39 @@ msgstr ""
"manvolnum> </citerefentry> 互換形式。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:224 sssd.conf.5.xml:1891
+#: sssd.conf.5.xml:224 sssd.conf.5.xml:1943
msgid "%1$s"
msgstr "%1$s"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225 sssd.conf.5.xml:1892
+#: sssd.conf.5.xml:225 sssd.conf.5.xml:1944
msgid "user name"
msgstr "ユーザー名"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:228 sssd.conf.5.xml:1895
+#: sssd.conf.5.xml:228 sssd.conf.5.xml:1947
msgid "%2$s"
msgstr "%2$s"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:231 sssd.conf.5.xml:1898
+#: sssd.conf.5.xml:231 sssd.conf.5.xml:1950
msgid "domain name as specified in the SSSD config file."
msgstr "SSSD 設定ファイルにおいて指定されるドメイン名。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:237 sssd.conf.5.xml:1904
+#: sssd.conf.5.xml:237 sssd.conf.5.xml:1956
msgid "%3$s"
msgstr "%3$s"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:240 sssd.conf.5.xml:1907
+#: sssd.conf.5.xml:240 sssd.conf.5.xml:1959
msgid ""
"domain flat name. Mostly usable for Active Directory domains, both directly "
"configured or discovered via IPA trusts."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221 sssd.conf.5.xml:1888
+#: sssd.conf.5.xml:221 sssd.conf.5.xml:1940
msgid ""
"The following expansions are supported: <placeholder type=\"variablelist\" "
"id=\"0\"/>"
@@ -614,8 +614,8 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:336 sssd-ldap.5.xml:663 sssd-ldap.5.xml:1458
#: sssd-ldap.5.xml:1470 sssd-ldap.5.xml:1552 sssd-ad.5.xml:557
-#: sssd-ad.5.xml:627 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203
-#: include/ldap_id_mapping.xml:214
+#: sssd-ad.5.xml:627 sssd-krb5.5.xml:410 sssd-krb5.5.xml:550
+#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214
msgid "Default: not set"
msgstr "初期値: 設定されません"
@@ -729,18 +729,18 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:427 sssd.conf.5.xml:443 sssd.conf.5.xml:475
-#: sssd.conf.5.xml:702 sssd.conf.5.xml:888 sssd.conf.5.xml:1209
+#: sssd.conf.5.xml:733 sssd.conf.5.xml:919 sssd.conf.5.xml:1261
#: sssd-ldap.5.xml:1200
msgid "Default: 60"
msgstr "初期値: 60"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:432 sssd.conf.5.xml:1198
+#: sssd.conf.5.xml:432 sssd.conf.5.xml:1250
msgid "force_timeout (integer)"
msgstr "force_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:435 sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:435 sssd.conf.5.xml:1253
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -787,13 +787,80 @@ msgid ""
"will be forced to one hour."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:480
+#, fuzzy
+#| msgid "subdomain_homedir (string)"
+msgid "subdomain_inherit (string)"
+msgstr "subdomain_homedir (文字列)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:483
+msgid ""
+"Specifies a list of configuration parameters that should be inherited by a "
+"subdomain. Please note that only selected parameters can be inherited. "
+"Currently the following options can be inherited:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:489
+#, fuzzy
+#| msgid "ignore_group_members (bool)"
+msgid "ignore_group_members"
+msgstr "ignore_group_members (論理値)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:492
+#, fuzzy
+#| msgid "ldap_purge_cache_timeout (integer)"
+msgid "ldap_purge_cache_timeout"
+msgstr "ldap_purge_cache_timeout (整数)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:495 sssd-ldap.5.xml:1017
+msgid "ldap_use_tokengroups"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:498
+#, fuzzy
+#| msgid "ldap_user_principal (string)"
+msgid "ldap_user_principal"
+msgstr "ldap_user_principal (文字列)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:503
+#, fuzzy, no-wrap
+#| msgid ""
+#| "fallback_homedir = /home/%u\n"
+#| " "
+msgid ""
+"subdomain_inherit = ldap_purge_cache_timeout\n"
+" "
+msgstr ""
+"fallback_homedir = /home/%u\n"
+" "
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:501
+#, fuzzy
+#| msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr "例: <placeholder type=\"programlisting\" id=\"0\"/>"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:507 sssd.conf.5.xml:963 sssd.conf.5.xml:984
+#: sssd.conf.5.xml:1244 sssd-ldap.5.xml:1753
+msgid "Default: none"
+msgstr "初期値: none"
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:484
+#: sssd.conf.5.xml:515
msgid "NSS configuration options"
msgstr "NSS 設定オプション"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:486
+#: sssd.conf.5.xml:517
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
@@ -801,12 +868,12 @@ msgstr ""
"きます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:491
+#: sssd.conf.5.xml:522
msgid "enum_cache_timeout (integer)"
msgstr "enum_cache_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:494
+#: sssd.conf.5.xml:525
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
@@ -815,17 +882,17 @@ msgstr ""
"要求)。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:498
+#: sssd.conf.5.xml:529
msgid "Default: 120"
msgstr "初期値: 120"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:503
+#: sssd.conf.5.xml:534
msgid "entry_cache_nowait_percentage (integer)"
msgstr "entry_cache_nowait_percentage (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:506
+#: sssd.conf.5.xml:537
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -836,7 +903,7 @@ msgstr ""
"す。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:512
+#: sssd.conf.5.xml:543
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -851,7 +918,7 @@ msgstr ""
"とをブロックする必要がありません。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:553
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -864,17 +931,17 @@ msgstr ""
"(0 はこの機能を無効にします)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:561
msgid "Default: 50"
msgstr "初期値: 50"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:535
+#: sssd.conf.5.xml:566
msgid "entry_negative_timeout (integer)"
msgstr "entry_negative_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:538
+#: sssd.conf.5.xml:569
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -885,17 +952,17 @@ msgstr ""
"せ)をキャッシュする秒数を指定します。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:544 sssd.conf.5.xml:992
+#: sssd.conf.5.xml:575 sssd.conf.5.xml:1044
msgid "Default: 15"
msgstr "初期値: 15"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:549
+#: sssd.conf.5.xml:580
msgid "filter_users, filter_groups (string)"
msgstr "filter_users, filter_groups (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:552
+#: sssd.conf.5.xml:583
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -908,17 +975,17 @@ msgstr ""
"飾名を含めることができます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:559
+#: sssd.conf.5.xml:590
msgid "Default: root"
msgstr "初期値: root"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:564
+#: sssd.conf.5.xml:595
msgid "filter_users_in_groups (bool)"
msgstr "filter_users_in_groups (論理値)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:598
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
@@ -926,12 +993,12 @@ msgstr ""
"ションを偽に設定します。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:609
msgid "fallback_homedir (string)"
msgstr "fallback_homedir (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:612
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
@@ -940,7 +1007,7 @@ msgstr ""
"ホームディレクトリーの標準テンプレートを設定します。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586
+#: sssd.conf.5.xml:617
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
@@ -948,7 +1015,7 @@ msgstr ""
"同じです。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:592
+#: sssd.conf.5.xml:623
#, no-wrap
msgid ""
"fallback_homedir = /home/%u\n"
@@ -958,22 +1025,23 @@ msgstr ""
" "
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:590 include/override_homedir.xml:55
+#: sssd.conf.5.xml:621 sssd.conf.5.xml:978 sssd-krb5.5.xml:533
+#: include/override_homedir.xml:55
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "例: <placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596
+#: sssd.conf.5.xml:627
msgid "Default: not set (no substitution for unset home directories)"
msgstr "初期値: 設定なし (ホームディレクトリーの設定がない場合は代替なし)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:633
msgid "override_shell (string)"
msgstr "override_shell (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:636
msgid ""
"Override the login shell for all users. This option supersedes any other "
"shell options if it takes effect and can be set either in the [nss] section "
@@ -981,17 +1049,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:611
+#: sssd.conf.5.xml:642
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr "初期値: 設定なし (SSSD は LDAP から取得された値を使用します)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:617
+#: sssd.conf.5.xml:648
msgid "allowed_shells (string)"
msgstr "allowed_shells (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:620
+#: sssd.conf.5.xml:651
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
@@ -999,13 +1067,13 @@ msgstr ""
"す:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:654
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
"1. シェルが <quote>/etc/shells</quote> に存在すると、それが使用されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:627
+#: sssd.conf.5.xml:658
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
@@ -1014,7 +1082,7 @@ msgstr ""
"ば、shell_fallback パラメーターの値を使用します。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:632
+#: sssd.conf.5.xml:663
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
@@ -1023,14 +1091,14 @@ msgstr ""
"ば、nologin シェルが使用されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:637
+#: sssd.conf.5.xml:668
#, fuzzy
#| msgid "These options can be used to configure any service."
msgid "The wildcard (*) can be used to allow any shell."
msgstr "これらのオプションはすべてのサービスを設定するために使用できます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:640
+#: sssd.conf.5.xml:671
msgid ""
"The (*) is useful if you want to use shell_fallback in case that user's "
"shell is not in <quote>/etc/shells</quote> and maintaining list of all "
@@ -1038,12 +1106,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:647
+#: sssd.conf.5.xml:678
msgid "An empty string for shell is passed as-is to libc."
msgstr "シェルの空文字列は libc にそのまま渡されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:650
+#: sssd.conf.5.xml:681
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
@@ -1053,27 +1121,27 @@ msgstr ""
"ます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:654
+#: sssd.conf.5.xml:685
msgid "Default: Not set. The user shell is automatically used."
msgstr "初期値: 設定されません。ユーザーシェルが自動的に使用されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:659
+#: sssd.conf.5.xml:690
msgid "vetoed_shells (string)"
msgstr "vetoed_shells (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:662
+#: sssd.conf.5.xml:693
msgid "Replace any instance of these shells with the shell_fallback"
msgstr "これらのシェルのインスタンスをすべて shell_fallback に置き換えます"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:667
+#: sssd.conf.5.xml:698
msgid "shell_fallback (string)"
msgstr "shell_fallback (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:670
+#: sssd.conf.5.xml:701
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
@@ -1081,65 +1149,65 @@ msgstr ""
"す。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:705
msgid "Default: /bin/sh"
msgstr "初期値: /bin/sh"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:679
+#: sssd.conf.5.xml:710
msgid "default_shell"
msgstr "default_shell"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:682
+#: sssd.conf.5.xml:713
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option can be specified globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:719
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:695 sssd.conf.5.xml:881
+#: sssd.conf.5.xml:726 sssd.conf.5.xml:912
msgid "get_domains_timeout (int)"
msgstr "get_domains_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:698 sssd.conf.5.xml:884
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:915
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:707
+#: sssd.conf.5.xml:738
msgid "memcache_timeout (int)"
msgstr "memcache_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710
+#: sssd.conf.5.xml:741
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:714 sssd-ldap.5.xml:706
+#: sssd.conf.5.xml:745 sssd-ldap.5.xml:706
msgid "Default: 300"
msgstr "初期値: 300"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:719 sssd-ifp.5.xml:74
+#: sssd.conf.5.xml:750 sssd-ifp.5.xml:74
msgid "user_attributes (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:722
+#: sssd.conf.5.xml:753
msgid ""
"Some of the additional NSS responder requests can return more attributes "
"than just the POSIX ones defined by the NSS interface. The list of "
@@ -1150,24 +1218,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:735
+#: sssd.conf.5.xml:766
msgid ""
"To make configuration more easy the NSS responder will check the InfoPipe "
"option if it is not set for the NSS responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:740
+#: sssd.conf.5.xml:771
msgid "Default: not set, fallback to InfoPipe option"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:747
+#: sssd.conf.5.xml:778
msgid "PAM configuration options"
msgstr "PAM 設定オプション"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:749
+#: sssd.conf.5.xml:780
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
@@ -1176,12 +1244,12 @@ msgstr ""
"ために使用できます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:785
msgid "offline_credentials_expiration (integer)"
msgstr "offline_credentials_expiration (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:757
+#: sssd.conf.5.xml:788
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
@@ -1190,17 +1258,17 @@ msgstr ""
"ラインログインの最終成功からの日数)です。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:762 sssd.conf.5.xml:775
+#: sssd.conf.5.xml:793 sssd.conf.5.xml:806
msgid "Default: 0 (No limit)"
msgstr "初期値: 0 (無制限)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:768
+#: sssd.conf.5.xml:799
msgid "offline_failed_login_attempts (integer)"
msgstr "offline_failed_login_attempts (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:771
+#: sssd.conf.5.xml:802
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
@@ -1208,12 +1276,12 @@ msgstr ""
"認証プロバイダーがオフラインの場合、ログイン試行の失敗が許容される回数です。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:781
+#: sssd.conf.5.xml:812
msgid "offline_failed_login_delay (integer)"
msgstr "offline_failed_login_delay (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:784
+#: sssd.conf.5.xml:815
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
@@ -1222,7 +1290,7 @@ msgstr ""
"渡される分単位の時間です。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:789
+#: sssd.conf.5.xml:820
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -1233,17 +1301,17 @@ msgstr ""
"効にできます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:795 sssd.conf.5.xml:848
+#: sssd.conf.5.xml:826 sssd.conf.5.xml:879
msgid "Default: 5"
msgstr "初期値: 5"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:832
msgid "pam_verbosity (integer)"
msgstr "pam_verbosity (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:835
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
@@ -1252,42 +1320,42 @@ msgstr ""
"きいほどメッセージが表示されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:809
+#: sssd.conf.5.xml:840
msgid "Currently sssd supports the following values:"
msgstr "現在 sssd は以下の値をサポートします:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:843
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr "<emphasis>0</emphasis>: 何もメッセージを表示しない"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:815
+#: sssd.conf.5.xml:846
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr "<emphasis>1</emphasis>: 重要なメッセージのみを表示する"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
+#: sssd.conf.5.xml:850
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr "<emphasis>2</emphasis>: 情報レベルのメッセージを表示する"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:822
+#: sssd.conf.5.xml:853
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr "<emphasis>3</emphasis>: すべてのメッセージとデバッグ情報を表示する"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:826 sssd.8.xml:63
+#: sssd.conf.5.xml:857 sssd.8.xml:63
msgid "Default: 1"
msgstr "初期値: 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:831
+#: sssd.conf.5.xml:862
msgid "pam_id_timeout (integer)"
msgstr "pam_id_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:865
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1297,7 +1365,7 @@ msgstr ""
"されるよう、SSSD は直ちにキャッシュされた識別情報を更新しようとします。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:840
+#: sssd.conf.5.xml:871
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1310,17 +1378,17 @@ msgstr ""
"アプリケーションごとに)制御します。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:854
+#: sssd.conf.5.xml:885
msgid "pam_pwd_expiration_warning (integer)"
msgstr "pam_pwd_expiration_warning (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:857 sssd.conf.5.xml:1390
+#: sssd.conf.5.xml:888 sssd.conf.5.xml:1442
msgid "Display a warning N days before the password expires."
msgstr "パスワードの期限が切れる前に N 日間警告を表示します。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:860
+#: sssd.conf.5.xml:891
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1330,31 +1398,31 @@ msgstr ""
"ことに注意してください。この情報がなければ、sssd は警告を表示します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:866 sssd.conf.5.xml:1393
+#: sssd.conf.5.xml:897 sssd.conf.5.xml:1445
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:871
+#: sssd.conf.5.xml:902
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876 sssd.8.xml:79
+#: sssd.conf.5.xml:907 sssd.8.xml:79
msgid "Default: 0"
msgstr "初期値: 0"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:893
+#: sssd.conf.5.xml:924
msgid "pam_trusted_users (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:896
+#: sssd.conf.5.xml:927
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAM responder. User names are resolved to UIDs at "
@@ -1362,59 +1430,77 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:902
+#: sssd.conf.5.xml:933
msgid "Default: all (All users are allowed to access the PAM responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:906
+#: sssd.conf.5.xml:937
msgid ""
"Please note that UID 0 is always allowed to access the PAM responder even in "
"case it is not in the pam_trusted_users list."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:913
+#: sssd.conf.5.xml:944
msgid "pam_public_domains (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:947
msgid ""
"Specifies the comma-separated list of domain names that are accessible even "
"to untrusted users."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:920
+#: sssd.conf.5.xml:951
msgid "Two special values for pam_public_domains option are defined:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:955
msgid ""
"all (Untrusted users are allowed to access all domains in PAM responder.)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:959
msgid ""
"none (Untrusted users are not allowed to access any domains PAM in "
"responder.)"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:932 sssd.conf.5.xml:1192 sssd-ldap.5.xml:1753
-msgid "Default: none"
-msgstr "初期値: none"
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:968
+#, fuzzy
+#| msgid "ldap_user_ad_account_expires (string)"
+msgid "pam_account_expired_message (string)"
+msgstr "ldap_user_ad_account_expires (文字列)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:971
+msgid ""
+"If user is authenticating using SSH keys and account is expired then by "
+"default 'Permission denied' is output. This output will be changed to "
+"content of this variable if it is set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:980
+#, no-wrap
+msgid ""
+"pam_account_expired_message = Account expired, please call help desk.\n"
+" "
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:941
+#: sssd.conf.5.xml:993
msgid "SUDO configuration options"
msgstr "SUDO 設定オプション"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:943
+#: sssd.conf.5.xml:995
msgid ""
"These options can be used to configure the sudo service. The detailed "
"instructions for configuration of <citerefentry> <refentrytitle>sudo</"
@@ -1425,12 +1511,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:1012
msgid "sudo_timed (bool)"
msgstr "sudo_timed (論理値)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:1015
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
@@ -1439,22 +1525,22 @@ msgstr ""
"を評価するかしないかです。"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1028
msgid "AUTOFS configuration options"
msgstr "Autofs 設定オプション"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:978
+#: sssd.conf.5.xml:1030
msgid "These options can be used to configure the autofs service."
msgstr "これらのオプションが autofs サービスを設定するために使用されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1034
msgid "autofs_negative_timeout (integer)"
msgstr "autofs_negative_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:985
+#: sssd.conf.5.xml:1037
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1465,51 +1551,51 @@ msgstr ""
"ヒットする秒数を指定します。"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1001
+#: sssd.conf.5.xml:1053
msgid "SSH configuration options"
msgstr "SSH 設定オプション"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1003
+#: sssd.conf.5.xml:1055
msgid "These options can be used to configure the SSH service."
msgstr "これらのオプションは SSH サービスを設定するために使用されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1007
+#: sssd.conf.5.xml:1059
msgid "ssh_hash_known_hosts (bool)"
msgstr "ssh_hash_known_hosts (論理値)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1010
+#: sssd.conf.5.xml:1062
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1019
+#: sssd.conf.5.xml:1071
msgid "ssh_known_hosts_timeout (integer)"
msgstr "ssh_known_hosts_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1022
+#: sssd.conf.5.xml:1074
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1026
+#: sssd.conf.5.xml:1078
msgid "Default: 180"
msgstr "初期値: 180"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1086
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1036
+#: sssd.conf.5.xml:1088
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1521,7 +1607,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1045
+#: sssd.conf.5.xml:1097
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"determined with the help of the SID, trusted domains will have UPGs and the "
@@ -1532,24 +1618,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1053
+#: sssd.conf.5.xml:1105
msgid ""
"If there are SIDs of groups from domains sssd knows about, the user will be "
"added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1111
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1063 sssd-ifp.5.xml:50
+#: sssd.conf.5.xml:1115 sssd-ifp.5.xml:50
msgid "allowed_uids (string)"
msgstr "allowed_uids (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1066
+#: sssd.conf.5.xml:1118
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1557,12 +1643,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1072
+#: sssd.conf.5.xml:1124
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1076
+#: sssd.conf.5.xml:1128
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1571,17 +1657,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1142
msgid "DOMAIN SECTIONS"
msgstr "ドメインセクション"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1149
msgid "min_id,max_id (integer)"
msgstr "min_id,max_id (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1100
+#: sssd.conf.5.xml:1152
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
@@ -1590,7 +1676,7 @@ msgstr ""
"トリーを含む場合、それは無視されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:1157
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1602,24 +1688,24 @@ msgstr ""
"バーに対して、範囲内にあるものは予期されたものとして報告されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1112
+#: sssd.conf.5.xml:1164
msgid ""
"These ID limits affect even saving entries to cache, not only returning them "
"by name or ID."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1116
+#: sssd.conf.5.xml:1168
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr "初期値: min_id は 1, max_id は 0 (無制限)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1122
+#: sssd.conf.5.xml:1174
msgid "enumerate (bool)"
msgstr "enumerate (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1125
+#: sssd.conf.5.xml:1177
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
@@ -1628,23 +1714,23 @@ msgstr ""
"必要があります:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1181
msgid "TRUE = Users and groups are enumerated"
msgstr "TRUE = ユーザーとグループが列挙されます"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1132
+#: sssd.conf.5.xml:1184
msgid "FALSE = No enumerations for this domain"
msgstr "FALSE = このドメインに対して列挙しません"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1135 sssd.conf.5.xml:1367 sssd.conf.5.xml:1476
-#: sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1187 sssd.conf.5.xml:1419 sssd.conf.5.xml:1528
+#: sssd.conf.5.xml:1545
msgid "Default: FALSE"
msgstr "初期値: FALSE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138
+#: sssd.conf.5.xml:1190
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1656,7 +1742,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1151
+#: sssd.conf.5.xml:1203
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
@@ -1665,7 +1751,7 @@ msgstr ""
"れが完了するまで結果を返しません。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1156
+#: sssd.conf.5.xml:1208
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1678,39 +1764,39 @@ msgstr ""
"てください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1164
+#: sssd.conf.5.xml:1216
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1172
+#: sssd.conf.5.xml:1224
msgid "subdomain_enumerate (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1179
+#: sssd.conf.5.xml:1231
msgid "all"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1180
+#: sssd.conf.5.xml:1232
msgid "All discovered trusted domains will be enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1183
+#: sssd.conf.5.xml:1235
msgid "none"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:1236
msgid "No discovered trusted domains will be enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1175
+#: sssd.conf.5.xml:1227
msgid ""
"Whether any of autodetected trusted domains should be enumerated. The "
"supported values are: <placeholder type=\"variablelist\" id=\"0\"/> "
@@ -1719,12 +1805,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1215
+#: sssd.conf.5.xml:1267
msgid "entry_cache_timeout (integer)"
msgstr "entry_cache_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1218
+#: sssd.conf.5.xml:1270
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
@@ -1733,7 +1819,7 @@ msgstr ""
"数です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1222
+#: sssd.conf.5.xml:1274
msgid ""
"The cache expiration timestamps are stored as attributes of individual "
"objects in the cache. Therefore, changing the cache timeout only has effect "
@@ -1744,17 +1830,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1235
+#: sssd.conf.5.xml:1287
msgid "Default: 5400"
msgstr "初期値: 5400"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1241
+#: sssd.conf.5.xml:1293
msgid "entry_cache_user_timeout (integer)"
msgstr "entry_cache_user_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1244
+#: sssd.conf.5.xml:1296
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
@@ -1763,19 +1849,19 @@ msgstr ""
"考える秒数です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248 sssd.conf.5.xml:1261 sssd.conf.5.xml:1274
-#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1300 sssd.conf.5.xml:1314
-#: sssd.conf.5.xml:1328
+#: sssd.conf.5.xml:1300 sssd.conf.5.xml:1313 sssd.conf.5.xml:1326
+#: sssd.conf.5.xml:1339 sssd.conf.5.xml:1352 sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1380
msgid "Default: entry_cache_timeout"
msgstr "初期値: entry_cache_timeout"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1306
msgid "entry_cache_group_timeout (integer)"
msgstr "entry_cache_group_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1257
+#: sssd.conf.5.xml:1309
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
@@ -1784,12 +1870,12 @@ msgstr ""
"考える秒数です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1267
+#: sssd.conf.5.xml:1319
msgid "entry_cache_netgroup_timeout (integer)"
msgstr "entry_cache_netgroup_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1270
+#: sssd.conf.5.xml:1322
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
@@ -1798,12 +1884,12 @@ msgstr ""
"有効であると考える秒数です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1280
+#: sssd.conf.5.xml:1332
msgid "entry_cache_service_timeout (integer)"
msgstr "entry_cache_service_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1335
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
@@ -1812,93 +1898,94 @@ msgstr ""
"考える秒数です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1345
msgid "entry_cache_sudo_timeout (integer)"
msgstr "entry_cache_sudo_timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1348
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1358
msgid "entry_cache_autofs_timeout (integer)"
msgstr "entry_cache_autofs_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1309
+#: sssd.conf.5.xml:1361
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1320
+#: sssd.conf.5.xml:1372
msgid "entry_cache_ssh_host_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1375
msgid ""
"How many seconds to keep a host ssh key after refresh. IE how long to cache "
"the host key for."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1334
+#: sssd.conf.5.xml:1386
msgid "refresh_expired_interval (integer)"
msgstr "refresh_expired_interval (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1337
+#: sssd.conf.5.xml:1389
msgid ""
"Specifies how many seconds SSSD has to wait before triggering a background "
"refresh task which will refresh all expired or nearly expired records."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1342
-msgid "Currently only refreshing expired netgroups is supported."
+#: sssd.conf.5.xml:1394
+msgid ""
+"The background refresh will process users, groups and netgroups in the cache."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1398
msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350 sssd-ipa.5.xml:224
+#: sssd.conf.5.xml:1402 sssd-ipa.5.xml:224
msgid "Default: 0 (disabled)"
msgstr "初期値: 0 (無効)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1356
+#: sssd.conf.5.xml:1408
msgid "cache_credentials (bool)"
msgstr "cache_credentials (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1411
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
"ユーザーのクレディンシャルがローカル LDB キャッシュにキャッシュされるかどうか"
"を決めます"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1363
+#: sssd.conf.5.xml:1415
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
"ユーザーのクレディンシャルが、平文ではなく SHA512 ハッシュで保存されます"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1372
+#: sssd.conf.5.xml:1424
msgid "account_cache_expiration (integer)"
msgstr "account_cache_expiration (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1427
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1910,17 +1997,17 @@ msgstr ""
"offline_credentials_expiration と同等以上でなければいけません。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1382
+#: sssd.conf.5.xml:1434
msgid "Default: 0 (unlimited)"
msgstr "初期値: 0 (無制限)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1387
+#: sssd.conf.5.xml:1439
msgid "pwd_expiration_warning (integer)"
msgstr "pwd_expiration_warning (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1398
+#: sssd.conf.5.xml:1450
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1929,17 +2016,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1405
+#: sssd.conf.5.xml:1457
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr "初期値: 7 (Kerberos), 0 (LDAP)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1411
+#: sssd.conf.5.xml:1463
msgid "id_provider (string)"
msgstr "id_provider (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1414
+#: sssd.conf.5.xml:1466
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
@@ -1947,17 +2034,17 @@ msgstr ""
"ダーは次のとおりです:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1418
+#: sssd.conf.5.xml:1470
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr "<quote>proxy</quote>: レガシーな NSS プロバイダーのサポート"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1421 sssd.conf.5.xml:1539
+#: sssd.conf.5.xml:1473 sssd.conf.5.xml:1591
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr "<quote>local</quote>: ローカルユーザー向け SSSD 内部プロバイダー"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1425
+#: sssd.conf.5.xml:1477
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1968,8 +2055,8 @@ msgstr ""
"manvolnum> </citerefentry> を参照してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433 sssd.conf.5.xml:1519 sssd.conf.5.xml:1574
-#: sssd.conf.5.xml:1627
+#: sssd.conf.5.xml:1485 sssd.conf.5.xml:1571 sssd.conf.5.xml:1626
+#: sssd.conf.5.xml:1679
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1982,8 +2069,8 @@ msgstr ""
"い。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1442 sssd.conf.5.xml:1528 sssd.conf.5.xml:1583
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1494 sssd.conf.5.xml:1580 sssd.conf.5.xml:1635
+#: sssd.conf.5.xml:1688
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1994,12 +2081,12 @@ msgstr ""
"<manvolnum>5</manvolnum> </citerefentry> を参照してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1505
msgid "use_fully_qualified_names (bool)"
msgstr "use_fully_qualified_names (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1508
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
@@ -2008,7 +2095,7 @@ msgstr ""
"名形式により整形されたように) を使用します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1461
+#: sssd.conf.5.xml:1513
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -2021,7 +2108,7 @@ msgstr ""
"んが、<command>getent passwd test@LOCAL</command> は見つけられます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1521
msgid ""
"NOTE: This option has no effect on netgroup lookups due to their tendency to "
"include nested netgroups without qualified names. For netgroups, all domains "
@@ -2029,17 +2116,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1533
msgid "ignore_group_members (bool)"
msgstr "ignore_group_members (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1536
msgid "Do not return group members for group lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1487
+#: sssd.conf.5.xml:1539
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -2047,12 +2134,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1550
msgid "auth_provider (string)"
msgstr "auth_provider (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1501
+#: sssd.conf.5.xml:1553
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
@@ -2061,7 +2148,7 @@ msgstr ""
"ダーは次のとおりです:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505 sssd.conf.5.xml:1567
+#: sssd.conf.5.xml:1557 sssd.conf.5.xml:1619
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2072,7 +2159,7 @@ msgstr ""
"manvolnum> </citerefentry> を参照してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1512
+#: sssd.conf.5.xml:1564
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2083,19 +2170,19 @@ msgstr ""
"manvolnum> </citerefentry> を参照してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1588
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
"<quote>proxy</quote> はいくつかの他の PAM ターゲットに認証を中継します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1595
msgid "<quote>none</quote> disables authentication explicitly."
msgstr "<quote>none</quote> は明示的に認証を無効化します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1546
+#: sssd.conf.5.xml:1598
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
@@ -2104,12 +2191,12 @@ msgstr ""
"ならば、それが使用されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1604
msgid "access_provider (string)"
msgstr "access_provider (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1607
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -2120,7 +2207,7 @@ msgstr ""
"えます)。内部の特別プロバイダーは次のとおりです:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1613
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
@@ -2129,12 +2216,12 @@ msgstr ""
"ロバイダーのみアクセスが許可されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1616
msgid "<quote>deny</quote> always deny access."
msgstr "<quote>deny</quote> は常にアクセスを拒否します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1591
+#: sssd.conf.5.xml:1643
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -2147,17 +2234,17 @@ msgstr ""
"citerefentry> を参照してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1650
msgid "Default: <quote>permit</quote>"
msgstr "初期値: <quote>permit</quote>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1603
+#: sssd.conf.5.xml:1655
msgid "chpass_provider (string)"
msgstr "chpass_provider (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1606
+#: sssd.conf.5.xml:1658
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
@@ -2166,7 +2253,7 @@ msgstr ""
"パスワード変更プロバイダーは次のとおりです:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1611
+#: sssd.conf.5.xml:1663
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -2177,7 +2264,7 @@ msgstr ""
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> を参照してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1671
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2188,7 +2275,7 @@ msgstr ""
"<manvolnum>5</manvolnum> </citerefentry> を参照してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1696
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
@@ -2196,12 +2283,12 @@ msgstr ""
"します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1700
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr "<quote>none</quote> は明示的にパスワードの変更を無効化します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1651
+#: sssd.conf.5.xml:1703
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
@@ -2210,19 +2297,19 @@ msgstr ""
"うことができるならば、それが使用されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1710
msgid "sudo_provider (string)"
msgstr "sudo_provider (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1661
+#: sssd.conf.5.xml:1713
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
"ドメインに使用される SUDO プロバイダーです。サポートされる SUDO プロバイダー"
"は次のとおりです:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1665
+#: sssd.conf.5.xml:1717
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2233,33 +2320,33 @@ msgstr ""
"<manvolnum>5</manvolnum> </citerefentry> を参照します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1725
msgid ""
"<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default "
"settings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1729
msgid ""
"<quote>ad</quote> the same as <quote>ldap</quote> but with AD default "
"settings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1681
+#: sssd.conf.5.xml:1733
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr "<quote>none</quote> は SUDO を明示的に無効化します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1684 sssd.conf.5.xml:1762 sssd.conf.5.xml:1794
-#: sssd.conf.5.xml:1819
+#: sssd.conf.5.xml:1736 sssd.conf.5.xml:1814 sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1871
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
"初期値: <quote>id_provider</quote> の値が設定されていると使用されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1688
+#: sssd.conf.5.xml:1740
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -2270,12 +2357,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1757
msgid "selinux_provider (string)"
msgstr "selinux_provider (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1760
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -2283,7 +2370,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1714
+#: sssd.conf.5.xml:1766
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2291,31 +2378,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1722
+#: sssd.conf.5.xml:1774
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1725
+#: sssd.conf.5.xml:1777
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1731
+#: sssd.conf.5.xml:1783
msgid "subdomains_provider (string)"
msgstr "subdomains_provider (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1734
+#: sssd.conf.5.xml:1786
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740
+#: sssd.conf.5.xml:1792
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2323,7 +2410,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1749
+#: sssd.conf.5.xml:1801
msgid ""
"<quote>ad</quote> to load a list of subdomains from an Active Directory "
"server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> "
@@ -2332,17 +2419,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1810
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr "<quote>none</quote> はサブドメインの取り出しを明示的に無効化します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1769
+#: sssd.conf.5.xml:1821
msgid "autofs_provider (string)"
msgstr "autofs_provider (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1772
+#: sssd.conf.5.xml:1824
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
@@ -2350,7 +2437,7 @@ msgstr ""
"プロバイダーは次のとおりです:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1828
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2361,7 +2448,7 @@ msgstr ""
"<manvolnum>5</manvolnum> </citerefentry> を参照してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1783
+#: sssd.conf.5.xml:1835
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2372,17 +2459,17 @@ msgstr ""
"<manvolnum>5</manvolnum> </citerefentry> を参照してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1843
msgid "<quote>none</quote> disables autofs explicitly."
msgstr "<quote>none</quote> は明示的に autofs を無効にします。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1853
msgid "hostid_provider (string)"
msgstr "hostid_provider (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1804
+#: sssd.conf.5.xml:1856
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
@@ -2391,7 +2478,7 @@ msgstr ""
"hostid プロバイダーは次のとおりです:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1808
+#: sssd.conf.5.xml:1860
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2402,12 +2489,12 @@ msgstr ""
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> を参照してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1816
+#: sssd.conf.5.xml:1868
msgid "<quote>none</quote> disables hostid explicitly."
msgstr "<quote>none</quote> は明示的に hostid を無効にします。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1829
+#: sssd.conf.5.xml:1881
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components. The \"domain\" can "
@@ -2417,7 +2504,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1838
+#: sssd.conf.5.xml:1890
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -2426,29 +2513,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1843
+#: sssd.conf.5.xml:1895
msgid "username"
msgstr "username"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1898
msgid "username@domain.name"
msgstr "username@domain.name"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1849
+#: sssd.conf.5.xml:1901
msgid "domain\\username"
msgstr "domain\\username"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1852
+#: sssd.conf.5.xml:1904
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1857
+#: sssd.conf.5.xml:1909
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -2459,7 +2546,7 @@ msgstr ""
"everything after that\" に解釈されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1863
+#: sssd.conf.5.xml:1915
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -2467,7 +2554,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1870
+#: sssd.conf.5.xml:1922
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
@@ -2476,17 +2563,17 @@ msgstr ""
"Python 構文 (?P&lt;name&gt;) のみをサポートします。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1917
+#: sssd.conf.5.xml:1969
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "初期値: <quote>%1$s@%2$s</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1923
+#: sssd.conf.5.xml:1975
msgid "lookup_family_order (string)"
msgstr "lookup_family_order (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1926
+#: sssd.conf.5.xml:1978
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
@@ -2495,46 +2582,46 @@ msgstr ""
"します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1930
+#: sssd.conf.5.xml:1982
msgid "Supported values:"
msgstr "サポートする値:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1933
+#: sssd.conf.5.xml:1985
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
"ipv4_first: IPv4 アドレスの検索を試行します。失敗すると IPv6 を試行します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1936
+#: sssd.conf.5.xml:1988
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
"ipv4_only: ホスト名を IPv4 アドレスに名前解決することのみを試行します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1939
+#: sssd.conf.5.xml:1991
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
"ipv6_first: IPv6 アドレスの検索を試行します。失敗すると IPv4 を試行します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1942
+#: sssd.conf.5.xml:1994
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
"ipv6_only: ホスト名を IPv6 アドレスに名前解決することのみを試行します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1945
+#: sssd.conf.5.xml:1997
msgid "Default: ipv4_first"
msgstr "初期値: ipv4_first"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1951
+#: sssd.conf.5.xml:2003
msgid "dns_resolver_timeout (integer)"
msgstr "dns_resolver_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1954
+#: sssd.conf.5.xml:2006
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -2545,18 +2632,18 @@ msgstr ""
"ドにて操作を継続します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1960 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
-#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:239
+#: sssd.conf.5.xml:2012 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
+#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:248
msgid "Default: 6"
msgstr "初期値: 6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1966
+#: sssd.conf.5.xml:2018
msgid "dns_discovery_domain (string)"
msgstr "dns_discovery_domain (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1969
+#: sssd.conf.5.xml:2021
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
@@ -2565,52 +2652,52 @@ msgstr ""
"イン部分を指定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1973
+#: sssd.conf.5.xml:2025
msgid "Default: Use the domain part of machine's hostname"
msgstr "初期値: マシンのホスト名のドメイン部分を使用します"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1979
+#: sssd.conf.5.xml:2031
msgid "override_gid (integer)"
msgstr "override_gid (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1982
+#: sssd.conf.5.xml:2034
msgid "Override the primary GID value with the one specified."
msgstr "プライマリー GID の値を指定されたもので上書きします。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1988
+#: sssd.conf.5.xml:2040
msgid "case_sensitive (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1996
+#: sssd.conf.5.xml:2048
msgid "True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1999
+#: sssd.conf.5.xml:2051
msgid "Case sensitive. This value is invalid for AD provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2005
+#: sssd.conf.5.xml:2057
msgid "False"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2007
+#: sssd.conf.5.xml:2059
msgid "Case insensitive."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2011
+#: sssd.conf.5.xml:2063
msgid "Preserving"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2014
+#: sssd.conf.5.xml:2066
msgid ""
"Same as False (case insensitive), but does not lowercase names in the result "
"of NSS operations. Note that name aliases (and in case of services also "
@@ -2618,7 +2705,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1991
+#: sssd.conf.5.xml:2043
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider. Possible option values are: "
@@ -2626,17 +2713,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2026
+#: sssd.conf.5.xml:2078
msgid "Default: True (False for AD provider)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2032
+#: sssd.conf.5.xml:2084
msgid "proxy_fast_alias (boolean)"
msgstr "proxy_fast_alias (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2035
+#: sssd.conf.5.xml:2087
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2645,22 +2732,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2049
+#: sssd.conf.5.xml:2101
msgid "subdomain_homedir (string)"
msgstr "subdomain_homedir (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2060
+#: sssd.conf.5.xml:2112
msgid "%F"
msgstr "%F"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2061
+#: sssd.conf.5.xml:2113
msgid "flat (NetBIOS) name of a subdomain."
msgstr "サブドメインのフラット (NetBIOS) 名。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2052
+#: sssd.conf.5.xml:2104
msgid ""
"Use this homedir as default value for all subdomains within this domain in "
"IPA AD trust. See <emphasis>override_homedir</emphasis> for info about "
@@ -2670,30 +2757,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2066
+#: sssd.conf.5.xml:2118
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
"値は <emphasis>override_homedir</emphasis> オプションにより上書きできます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2070
+#: sssd.conf.5.xml:2122
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr "初期値: <filename>/home/%d/%u</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2075
+#: sssd.conf.5.xml:2127
msgid "realmd_tags (string)"
msgstr "realmd_tags (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2078
+#: sssd.conf.5.xml:2130
msgid ""
"Various tags stored by the realmd configuration service for this domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1092
+#: sssd.conf.5.xml:1144
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2704,17 +2791,17 @@ msgstr ""
"\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2091
+#: sssd.conf.5.xml:2143
msgid "proxy_pam_target (string)"
msgstr "proxy_pam_target (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2094
+#: sssd.conf.5.xml:2146
msgid "The proxy target PAM proxies to."
msgstr "中継するプロキシターゲット PAM です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2097
+#: sssd.conf.5.xml:2149
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
@@ -2723,12 +2810,12 @@ msgstr ""
"をここに追加する必要があります。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2105
+#: sssd.conf.5.xml:2157
msgid "proxy_lib_name (string)"
msgstr "proxy_lib_name (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2108
+#: sssd.conf.5.xml:2160
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2739,7 +2826,7 @@ msgstr ""
"_nss_files_getpwent です。"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2087
+#: sssd.conf.5.xml:2139
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
@@ -2748,12 +2835,12 @@ msgstr ""
"\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:2120
+#: sssd.conf.5.xml:2172
msgid "The local domain section"
msgstr "ローカルドメインのセクション"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:2122
+#: sssd.conf.5.xml:2174
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2764,27 +2851,27 @@ msgstr ""
"メインに対する設定を含みます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2129
+#: sssd.conf.5.xml:2181
msgid "default_shell (string)"
msgstr "default_shell (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2132
+#: sssd.conf.5.xml:2184
msgid "The default shell for users created with SSSD userspace tools."
msgstr "SSSD ユーザー空間ツールを用いて作成されたユーザーの初期シェルです。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2136
+#: sssd.conf.5.xml:2188
msgid "Default: <filename>/bin/bash</filename>"
msgstr "初期値: <filename>/bin/bash</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2141
+#: sssd.conf.5.xml:2193
msgid "base_directory (string)"
msgstr "base_directory (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2144
+#: sssd.conf.5.xml:2196
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
@@ -2793,17 +2880,17 @@ msgstr ""
"ホームディレクトリーとして使用します。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2149
+#: sssd.conf.5.xml:2201
msgid "Default: <filename>/home</filename>"
msgstr "初期値: <filename>/home</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2154
+#: sssd.conf.5.xml:2206
msgid "create_homedir (bool)"
msgstr "create_homedir (論理値)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2157
+#: sssd.conf.5.xml:2209
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
@@ -2812,17 +2899,17 @@ msgstr ""
"す。コマンドラインにおいて上書きできます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2173
+#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2225
msgid "Default: TRUE"
msgstr "初期値: TRUE"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2166
+#: sssd.conf.5.xml:2218
msgid "remove_homedir (bool)"
msgstr "remove_homedir (論理値)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2169
+#: sssd.conf.5.xml:2221
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
@@ -2831,12 +2918,12 @@ msgstr ""
"す。コマンドラインにおいて上書きできます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2178
+#: sssd.conf.5.xml:2230
msgid "homedir_umask (integer)"
msgstr "homedir_umask (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2181
+#: sssd.conf.5.xml:2233
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2847,17 +2934,17 @@ msgstr ""
"manvolnum> </citerefentry> により使用されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2189
+#: sssd.conf.5.xml:2241
msgid "Default: 077"
msgstr "初期値: 077"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2194
+#: sssd.conf.5.xml:2246
msgid "skel_dir (string)"
msgstr "skel_dir (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2197
+#: sssd.conf.5.xml:2249
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2870,17 +2957,17 @@ msgstr ""
"を含む、スケルトンディレクトリーです。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2207
+#: sssd.conf.5.xml:2259
msgid "Default: <filename>/etc/skel</filename>"
msgstr "初期値: <filename>/etc/skel</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2212
+#: sssd.conf.5.xml:2264
msgid "mail_dir (string)"
msgstr "mail_dir (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2215
+#: sssd.conf.5.xml:2267
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2891,17 +2978,17 @@ msgstr ""
"が使用されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2222
+#: sssd.conf.5.xml:2274
msgid "Default: <filename>/var/mail</filename>"
msgstr "初期値: <filename>/var/mail</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2227
+#: sssd.conf.5.xml:2279
msgid "userdel_cmd (string)"
msgstr "userdel_cmd (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2230
+#: sssd.conf.5.xml:2282
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2912,19 +2999,19 @@ msgstr ""
"せん。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2236
+#: sssd.conf.5.xml:2288
msgid "Default: None, no command is run"
msgstr "初期値: なし、コマンドを実行しません"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:2246 sssd-ldap.5.xml:2518 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:519
+#: sssd.conf.5.xml:2298 sssd-ldap.5.xml:2569 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:564
#: sss_rpcidmapd.5.xml:98
msgid "EXAMPLE"
msgstr "例"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:2252
+#: sssd.conf.5.xml:2304
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2978,7 +3065,7 @@ msgstr ""
"enumerate = False\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2248
+#: sssd.conf.5.xml:2300
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -3899,7 +3986,7 @@ msgstr "ユーザーの完全名に対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:738 sssd-ldap.5.xml:831 sssd-ldap.5.xml:1058
-#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2102 sssd-ldap.5.xml:2441
+#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2153 sssd-ldap.5.xml:2492
#: sssd-ipa.5.xml:591
msgid "Default: cn"
msgstr "初期値: cn"
@@ -4199,11 +4286,6 @@ msgid ""
"dealing with complex or deep nested groups)."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1017
-msgid "ldap_use_tokengroups"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1020
msgid ""
@@ -4452,7 +4534,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2259
+#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2310
msgid "Default: 900 (15 minutes)"
msgstr "初期値: 900 (15 分)"
@@ -4955,7 +5037,7 @@ msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr "初期値: システムの初期値、<filename>/etc/krb5.conf</filename> 参照。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:453
+#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:462
msgid "krb5_canonicalize (boolean)"
msgstr "krb5_canonicalize (論理値)"
@@ -4969,12 +5051,12 @@ msgstr ""
"します。この機能は MIT Kerberos >= 1.7 で利用可能です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:468
+#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:477
msgid "krb5_use_kdcinfo (boolean)"
msgstr "krb5_use_kdcinfo (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:471
+#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:480
msgid ""
"Specifies if the SSSD should instruct the Kerberos libraries what realm and "
"which KDCs to use. This option is on by default, if you disable it, you need "
@@ -4984,7 +5066,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:482
+#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:491
msgid ""
"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
@@ -5289,11 +5371,64 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1958
+msgid ""
+"<emphasis> Please note that this option is superseded by the <quote>ppolicy</"
+"quote> option and might be removed in a future release. </emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1965
+msgid ""
+"<emphasis>ppolicy</emphasis>: use account locking. If set, this option "
+"denies access in case that ldap attribute 'pwdAccountLockedTime' is present "
+"and has value of '000001010000Z' or represents any time in the past. The "
+"value of the 'pwdAccountLockedTime' attribute must end with 'Z', which "
+"denotes the UTC time zone. Other time zones are not currently supported and "
+"will result in \"access-denied\" when users attempt to log in. Please see "
+"the option ldap_pwdlockout_dn. Please note that 'access_provider = ldap' "
+"must be set for this feature to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1982
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr "<emphasis>expire</emphasis>: ldap_account_expire_policy を使用します"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1962
+#: sssd-ldap.5.xml:1986
+msgid ""
+"<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, "
+"pwd_expire_policy_renew: </emphasis> These options are useful if users are "
+"interested in being warned that password is about to expire and "
+"authentication is based on using a different method than passwords - for "
+"example SSH keys."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1996
+msgid ""
+"The difference between these options is the action taken if user password is "
+"expired: pwd_expire_policy_reject - user is denied to log in, "
+"pwd_expire_policy_warn - user is still able to log in, "
+"pwd_expire_policy_renew - user is prompted to change his password "
+"immediately."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2004
+msgid ""
+"Note If user password is expired no explicit message is prompted by SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2008
+msgid ""
+"Please note that 'access_provider = ldap' must be set for this feature to "
+"work. Also 'ldap_pwd_policy' must be set to an appropriate password policy."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2013
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
@@ -5302,30 +5437,30 @@ msgstr ""
"authorizedService 属性を使用します"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2018
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
"<emphasis>host</emphasis>: アクセス権を決めるために host 属性を使用します"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1971
+#: sssd-ldap.5.xml:2022
msgid "Default: filter"
msgstr "初期値: filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1974
+#: sssd-ldap.5.xml:2025
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr "値が複数使用されていると設定エラーになることに注意してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1981
+#: sssd-ldap.5.xml:2032
msgid "ldap_pwdlockout_dn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2035
msgid ""
"This option specifies the DN of password policy entry on LDAP server. Please "
"note that absence of this option in sssd.conf in case of enabled account "
@@ -5334,22 +5469,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1992
+#: sssd-ldap.5.xml:2043
msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1995
+#: sssd-ldap.5.xml:2046
msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2001
+#: sssd-ldap.5.xml:2052
msgid "ldap_deref (string)"
msgstr "ldap_deref (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2004
+#: sssd-ldap.5.xml:2055
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
@@ -5358,12 +5493,12 @@ msgstr ""
"ションが許容されます:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2009
+#: sssd-ldap.5.xml:2060
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr "<emphasis>never</emphasis>: エイリアスが参照解決されません。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013
+#: sssd-ldap.5.xml:2064
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
@@ -5372,7 +5507,7 @@ msgstr ""
"決されますが、検索のベースオブジェクトの位置を探すときはされません。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018
+#: sssd-ldap.5.xml:2069
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
@@ -5381,7 +5516,7 @@ msgstr ""
"すときのみ参照解決されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2023
+#: sssd-ldap.5.xml:2074
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
@@ -5390,7 +5525,7 @@ msgstr ""
"きも位置を検索するときも参照解決されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2028
+#: sssd-ldap.5.xml:2079
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
@@ -5399,19 +5534,19 @@ msgstr ""
"して取り扱われます)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2036
+#: sssd-ldap.5.xml:2087
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr "ldap_rfc2307_fallback_to_local_users (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2039
+#: sssd-ldap.5.xml:2090
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2094
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -5422,7 +5557,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2054
+#: sssd-ldap.5.xml:2105
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -5445,12 +5580,12 @@ msgstr ""
"\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2070
+#: sssd-ldap.5.xml:2121
msgid "SUDO OPTIONS"
msgstr "SUDO オプション"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2123
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -5458,52 +5593,52 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2083
+#: sssd-ldap.5.xml:2134
msgid "ldap_sudorule_object_class (string)"
msgstr "ldap_sudorule_object_class (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2086
+#: sssd-ldap.5.xml:2137
msgid "The object class of a sudo rule entry in LDAP."
msgstr "LDAP にある sudo ルールエントリーのオブジェクトクラスです。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2089
+#: sssd-ldap.5.xml:2140
msgid "Default: sudoRole"
msgstr "初期値: sudoRole"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2095
+#: sssd-ldap.5.xml:2146
msgid "ldap_sudorule_name (string)"
msgstr "ldap_sudorule_name (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2098
+#: sssd-ldap.5.xml:2149
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr "sudo ルール名に対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2108
+#: sssd-ldap.5.xml:2159
msgid "ldap_sudorule_command (string)"
msgstr "ldap_sudorule_command (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2111
+#: sssd-ldap.5.xml:2162
msgid "The LDAP attribute that corresponds to the command name."
msgstr "コマンド名に対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2166
msgid "Default: sudoCommand"
msgstr "初期値: sudoCommand"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2172
msgid "ldap_sudorule_host (string)"
msgstr "ldap_sudorule_host (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2124
+#: sssd-ldap.5.xml:2175
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
@@ -5512,17 +5647,17 @@ msgstr ""
"クグループ)に対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2129
+#: sssd-ldap.5.xml:2180
msgid "Default: sudoHost"
msgstr "初期値: sudoHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2186
msgid "ldap_sudorule_user (string)"
msgstr "ldap_sudorule_user (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2138
+#: sssd-ldap.5.xml:2189
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
@@ -5531,49 +5666,49 @@ msgstr ""
"る LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2193
msgid "Default: sudoUser"
msgstr "初期値: sudoUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2148
+#: sssd-ldap.5.xml:2199
msgid "ldap_sudorule_option (string)"
msgstr "ldap_sudorule_option (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2202
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr "sudo オプションに対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2155
+#: sssd-ldap.5.xml:2206
msgid "Default: sudoOption"
msgstr "初期値: sudoOption"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2161
+#: sssd-ldap.5.xml:2212
msgid "ldap_sudorule_runasuser (string)"
msgstr "ldap_sudorule_runasuser (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2215
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr "コマンドを実行するユーザー名に対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2168
+#: sssd-ldap.5.xml:2219
msgid "Default: sudoRunAsUser"
msgstr "初期値: sudoRunAsUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2174
+#: sssd-ldap.5.xml:2225
msgid "ldap_sudorule_runasgroup (string)"
msgstr "ldap_sudorule_runasgroup (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2228
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
@@ -5581,34 +5716,34 @@ msgstr ""
"コマンドを実行するグループ名またはグループの GID に対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2181
+#: sssd-ldap.5.xml:2232
msgid "Default: sudoRunAsGroup"
msgstr "初期値: sudoRunAsGroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2187
+#: sssd-ldap.5.xml:2238
msgid "ldap_sudorule_notbefore (string)"
msgstr "ldap_sudorule_notbefore (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2241
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr "sudo ルールが有効になる開始日時に対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194
+#: sssd-ldap.5.xml:2245
msgid "Default: sudoNotBefore"
msgstr "初期値: sudoNotBefore"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2200
+#: sssd-ldap.5.xml:2251
msgid "ldap_sudorule_notafter (string)"
msgstr "ldap_sudorule_notafter (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2203
+#: sssd-ldap.5.xml:2254
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
@@ -5617,39 +5752,39 @@ msgstr ""
"す。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2259
msgid "Default: sudoNotAfter"
msgstr "初期値: sudoNotAfter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2214
+#: sssd-ldap.5.xml:2265
msgid "ldap_sudorule_order (string)"
msgstr "ldap_sudorule_order (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2217
+#: sssd-ldap.5.xml:2268
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr "ルールの並び替えインデックスに対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2221
+#: sssd-ldap.5.xml:2272
msgid "Default: sudoOrder"
msgstr "初期値: sudoOrder"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2227
+#: sssd-ldap.5.xml:2278
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr "ldap_sudo_full_refresh_interval (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2230
+#: sssd-ldap.5.xml:2281
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2235
+#: sssd-ldap.5.xml:2286
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
@@ -5658,17 +5793,17 @@ msgstr ""
"ります"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2240
+#: sssd-ldap.5.xml:2291
msgid "Default: 21600 (6 hours)"
msgstr "初期値: 21600 (6 時間)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2246
+#: sssd-ldap.5.xml:2297
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr "ldap_sudo_smart_refresh_interval (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2249
+#: sssd-ldap.5.xml:2300
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -5676,31 +5811,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2255
+#: sssd-ldap.5.xml:2306
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2265
+#: sssd-ldap.5.xml:2316
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr "ldap_sudo_use_host_filter (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2268
+#: sssd-ldap.5.xml:2319
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2279
+#: sssd-ldap.5.xml:2330
msgid "ldap_sudo_hostnames (string)"
msgstr "ldap_sudo_hostnames (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2333
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
@@ -5709,15 +5844,15 @@ msgstr ""
"区切り一覧です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2287
+#: sssd-ldap.5.xml:2338
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2292 sssd-ldap.5.xml:2315 sssd-ldap.5.xml:2333
-#: sssd-ldap.5.xml:2351
+#: sssd-ldap.5.xml:2343 sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2402
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
@@ -5726,17 +5861,17 @@ msgstr ""
"ならば、このオプションは効果を持ちません。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2320
+#: sssd-ldap.5.xml:2348 sssd-ldap.5.xml:2371
msgid "Default: not specified"
msgstr "初期値: 指定なし"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2303
+#: sssd-ldap.5.xml:2354
msgid "ldap_sudo_ip (string)"
msgstr "ldap_sudo_ip (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2306
+#: sssd-ldap.5.xml:2357
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
@@ -5745,7 +5880,7 @@ msgstr ""
"アドレスの空白区切り一覧です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2311
+#: sssd-ldap.5.xml:2362
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
@@ -5753,31 +5888,31 @@ msgstr ""
"このオプションが空白ならば、SSSD は自動的にアドレスを検索しようとします。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2326
+#: sssd-ldap.5.xml:2377
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr "ldap_sudo_include_netgroups (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2329
+#: sssd-ldap.5.xml:2380
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2344
+#: sssd-ldap.5.xml:2395
msgid "ldap_sudo_include_regexp (boolean)"
msgstr "ldap_sudo_include_regexp (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2347
+#: sssd-ldap.5.xml:2398
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2363
+#: sssd-ldap.5.xml:2414
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -5789,74 +5924,74 @@ msgstr ""
"refentrytitle><manvolnum>5</manvolnum> </citerefentry> を参照してください"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2373
+#: sssd-ldap.5.xml:2424
msgid "AUTOFS OPTIONS"
msgstr "AUTOFS オプション"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2375
+#: sssd-ldap.5.xml:2426
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr "初期値は RFC2307 の標準スキーマに対応することに注意してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2381
+#: sssd-ldap.5.xml:2432
msgid "ldap_autofs_map_master_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2435
msgid "The name of the automount master map in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2387
+#: sssd-ldap.5.xml:2438
msgid "Default: auto.master"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2394
+#: sssd-ldap.5.xml:2445
msgid "ldap_autofs_map_object_class (string)"
msgstr "ldap_autofs_map_object_class (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2397 sssd-ldap.5.xml:2423
+#: sssd-ldap.5.xml:2448 sssd-ldap.5.xml:2474
msgid "The object class of an automount map entry in LDAP."
msgstr "LDAP にある automount マップエントリーのオブジェクトクラスです。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2400 sssd-ldap.5.xml:2427
+#: sssd-ldap.5.xml:2451 sssd-ldap.5.xml:2478
msgid "Default: automountMap"
msgstr "初期値: automountMap"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2407
+#: sssd-ldap.5.xml:2458
msgid "ldap_autofs_map_name (string)"
msgstr "ldap_autofs_map_name (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2410
+#: sssd-ldap.5.xml:2461
msgid "The name of an automount map entry in LDAP."
msgstr "LDAP における automount のマップエントリーの名前です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2413
+#: sssd-ldap.5.xml:2464
msgid "Default: ou"
msgstr "初期値: ou"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2420
+#: sssd-ldap.5.xml:2471
msgid "ldap_autofs_entry_object_class (string)"
msgstr "ldap_autofs_entry_object_class (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2434
+#: sssd-ldap.5.xml:2485
msgid "ldap_autofs_entry_key (string)"
msgstr "ldap_autofs_entry_key (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2437 sssd-ldap.5.xml:2451
+#: sssd-ldap.5.xml:2488 sssd-ldap.5.xml:2502
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
@@ -5865,17 +6000,17 @@ msgstr ""
"ントと対応します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2448
+#: sssd-ldap.5.xml:2499
msgid "ldap_autofs_entry_value (string)"
msgstr "ldap_autofs_entry_value (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2455
+#: sssd-ldap.5.xml:2506
msgid "Default: automountInformation"
msgstr "初期値: automountInformation"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2379
+#: sssd-ldap.5.xml:2430
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -5884,32 +6019,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2465
+#: sssd-ldap.5.xml:2516
msgid "ADVANCED OPTIONS"
msgstr "高度なオプション"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2472
+#: sssd-ldap.5.xml:2523
msgid "ldap_netgroup_search_base (string)"
msgstr "ldap_netgroup_search_base (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2477
+#: sssd-ldap.5.xml:2528
msgid "ldap_user_search_base (string)"
msgstr "ldap_user_search_base (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2482
+#: sssd-ldap.5.xml:2533
msgid "ldap_group_search_base (string)"
msgstr "ldap_group_search_base (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note>
-#: sssd-ldap.5.xml:2487
+#: sssd-ldap.5.xml:2538
msgid "<note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para>
-#: sssd-ldap.5.xml:2489
+#: sssd-ldap.5.xml:2540
msgid ""
"If the option <quote>ldap_use_tokengroups</quote> is enabled. The searches "
"against Active Directory will not be restricted and return all groups "
@@ -5918,22 +6053,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist>
-#: sssd-ldap.5.xml:2496
+#: sssd-ldap.5.xml:2547
msgid "</note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2498
+#: sssd-ldap.5.xml:2549
msgid "ldap_sudo_search_base (string)"
msgstr "ldap_sudo_search_base (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2503
+#: sssd-ldap.5.xml:2554
msgid "ldap_autofs_search_base (string)"
msgstr "ldap_autofs_search_base (文字列)"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2467
+#: sssd-ldap.5.xml:2518
#, fuzzy
#| msgid ""
#| "These options are supported by LDAP domains, but they should be used with "
@@ -5950,7 +6085,7 @@ msgstr ""
"さい。 <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2520
+#: sssd-ldap.5.xml:2571
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -5961,7 +6096,7 @@ msgstr ""
"す。"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2526
+#: sssd-ldap.5.xml:2577
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5981,19 +6116,19 @@ msgstr ""
" cache_credentials = true\n"
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2525 sssd-ldap.5.xml:2543 sssd-simple.5.xml:139
+#: sssd-ldap.5.xml:2576 sssd-ldap.5.xml:2594 sssd-simple.5.xml:139
#: sssd-ipa.5.xml:726 sssd-ad.5.xml:851 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98
-#: sssd-krb5.5.xml:528 include/ldap_id_mapping.xml:105
+#: sssd-krb5.5.xml:573 include/ldap_id_mapping.xml:105
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "<placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2537
+#: sssd-ldap.5.xml:2588
msgid "LDAP ACCESS FILTER EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2539
+#: sssd-ldap.5.xml:2590
#, fuzzy
#| msgid ""
#| "The following example assumes that SSSD is correctly configured and LDAP "
@@ -6008,7 +6143,7 @@ msgstr ""
"す。"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2544
+#: sssd-ldap.5.xml:2595
#, fuzzy, no-wrap
#| msgid ""
#| " [domain/LDAP]\n"
@@ -6039,13 +6174,13 @@ msgstr ""
" cache_credentials = true\n"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2559 sssd_krb5_locator_plugin.8.xml:61
+#: sssd-ldap.5.xml:2610 sssd_krb5_locator_plugin.8.xml:61
#: sssd-simple.5.xml:148 sssd-ad.5.xml:866 sssd.8.xml:195 sss_seed.8.xml:163
msgid "NOTES"
msgstr "注記"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2561
+#: sssd-ldap.5.xml:2612
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -6916,7 +7051,7 @@ msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:245
+#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:254
msgid "krb5_validate (boolean)"
msgstr "krb5_validate (論理値)"
@@ -6966,12 +7101,12 @@ msgstr ""
"するかを指定します。この機能は MIT Kerberos >= 1.7 で利用可能です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:407
+#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:416
msgid "krb5_use_fast (string)"
msgstr "krb5_use_fast (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:410
+#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:419
msgid ""
"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
"authentication. The following options are supported:"
@@ -6993,7 +7128,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:424
+#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:433
msgid ""
"<emphasis>demand</emphasis> to use FAST. The authentication fails if the "
"server does not require fast."
@@ -7007,7 +7142,7 @@ msgid "Default: try"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:435
+#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:444
msgid ""
"NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If "
"SSSD is used with an older version of MIT Kerberos, using this option is a "
@@ -8137,12 +8272,12 @@ msgid "Default: True"
msgstr "初期値: True"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:797 sssd-krb5.5.xml:496
+#: sssd-ad.5.xml:797 sssd-krb5.5.xml:505
msgid "krb5_use_enterprise_principal (boolean)"
msgstr "krb5_use_enterprise_principal (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:800 sssd-krb5.5.xml:499
+#: sssd-ad.5.xml:800 sssd-krb5.5.xml:508
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
@@ -9236,16 +9371,32 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:225
+#, fuzzy
+#| msgid ""
+#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the "
+#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+#| "manvolnum> </citerefentry> manual page for more details."
+msgid ""
+"NOTE: Please be aware that libkrb5 ccache expansion template from "
+"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> uses different expansion sequences than SSSD."
+msgstr ""
+"詳細は <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> マニュアルページにある "
+"<quote>dns_discovery_domain</quote> パラメーターを参照してください。"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:234
msgid "Default: (from libkrb5)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:231
+#: sssd-krb5.5.xml:240
msgid "krb5_auth_timeout (integer)"
msgstr "krb5_auth_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:234
+#: sssd-krb5.5.xml:243
msgid ""
"Timeout in seconds after an online authentication request or change password "
"request is aborted. If possible, the authentication request is continued "
@@ -9255,7 +9406,7 @@ msgstr ""
"す。可能ならば、認証要求がオフラインで継続されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:248
+#: sssd-krb5.5.xml:257
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed. The keytab is checked for entries sequentially, and the first entry "
@@ -9266,12 +9417,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:263
+#: sssd-krb5.5.xml:272
msgid "krb5_keytab (string)"
msgstr "krb5_keytab (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:275
msgid ""
"The location of the keytab to use when validating credentials obtained from "
"KDCs."
@@ -9280,24 +9431,24 @@ msgstr ""
"です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:270
+#: sssd-krb5.5.xml:279
msgid "Default: /etc/krb5.keytab"
msgstr "初期値: /etc/krb5.keytab"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:276
+#: sssd-krb5.5.xml:285
msgid "krb5_store_password_if_offline (boolean)"
msgstr "krb5_store_password_if_offline (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:279
+#: sssd-krb5.5.xml:288
msgid ""
"Store the password of the user if the provider is offline and use it to "
"request a TGT when the provider comes online again."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:284
+#: sssd-krb5.5.xml:293
msgid ""
"NOTE: this feature is only available on Linux. Passwords stored in this way "
"are kept in plaintext in the kernel keyring and are potentially accessible "
@@ -9305,44 +9456,44 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:297
+#: sssd-krb5.5.xml:306
msgid "krb5_renewable_lifetime (string)"
msgstr "krb5_renewable_lifetime (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:300
+#: sssd-krb5.5.xml:309
msgid ""
"Request a renewable ticket with a total lifetime, given as an integer "
"immediately followed by a time unit:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:305 sssd-krb5.5.xml:339 sssd-krb5.5.xml:376
+#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
msgid "<emphasis>s</emphasis> for seconds"
msgstr "秒は <emphasis>s</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:308 sssd-krb5.5.xml:342 sssd-krb5.5.xml:379
+#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:351 sssd-krb5.5.xml:388
msgid "<emphasis>m</emphasis> for minutes"
msgstr "分は <emphasis>m</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:311 sssd-krb5.5.xml:345 sssd-krb5.5.xml:382
+#: sssd-krb5.5.xml:320 sssd-krb5.5.xml:354 sssd-krb5.5.xml:391
msgid "<emphasis>h</emphasis> for hours"
msgstr "時間は <emphasis>h</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
+#: sssd-krb5.5.xml:323 sssd-krb5.5.xml:357 sssd-krb5.5.xml:394
msgid "<emphasis>d</emphasis> for days."
msgstr "日は <emphasis>d</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:388
+#: sssd-krb5.5.xml:326 sssd-krb5.5.xml:397
msgid "If there is no unit given, <emphasis>s</emphasis> is assumed."
msgstr "単位が指定されていないと、<emphasis>s</emphasis> と仮定されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:321 sssd-krb5.5.xml:392
+#: sssd-krb5.5.xml:330 sssd-krb5.5.xml:401
msgid ""
"NOTE: It is not possible to mix units. To set the renewable lifetime to one "
"and a half hours, use '90m' instead of '1h30m'."
@@ -9351,29 +9502,29 @@ msgstr ""
"指定したい場合、'1h30m' の代わりに '90m' を使用します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:326
+#: sssd-krb5.5.xml:335
msgid "Default: not set, i.e. the TGT is not renewable"
msgstr "初期値: 設定されません、つまり TGT は更新可能ではありません"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:332
+#: sssd-krb5.5.xml:341
msgid "krb5_lifetime (string)"
msgstr "krb5_lifetime (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:335
+#: sssd-krb5.5.xml:344
msgid ""
"Request ticket with a lifetime, given as an integer immediately followed by "
"a time unit:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:351
+#: sssd-krb5.5.xml:360
msgid "If there is no unit given <emphasis>s</emphasis> is assumed."
msgstr "単位が指定されていないと、<emphasis>s</emphasis> と仮定されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:355
+#: sssd-krb5.5.xml:364
msgid ""
"NOTE: It is not possible to mix units. To set the lifetime to one and a "
"half hours please use '90m' instead of '1h30m'."
@@ -9382,7 +9533,7 @@ msgstr ""
"指定したい場合、'1h30m' の代わりに '90m' を使用してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:360
+#: sssd-krb5.5.xml:369
msgid ""
"Default: not set, i.e. the default ticket lifetime configured on the KDC."
msgstr ""
@@ -9390,12 +9541,12 @@ msgstr ""
"期値です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:367
+#: sssd-krb5.5.xml:376
msgid "krb5_renew_interval (string)"
msgstr "krb5_renew_interval (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:370
+#: sssd-krb5.5.xml:379
msgid ""
"The time in seconds between two checks if the TGT should be renewed. TGTs "
"are renewed if about half of their lifetime is exceeded, given as an integer "
@@ -9403,14 +9554,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:397
+#: sssd-krb5.5.xml:406
msgid "If this option is not set or is 0 the automatic renewal is disabled."
msgstr ""
"このオプションが設定されていない場合、または 0 に設定されている場合、自動更新"
"は無効になります。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:415
+#: sssd-krb5.5.xml:424
msgid ""
"<emphasis>never</emphasis> use FAST. This is equivalent to not setting this "
"option at all."
@@ -9419,7 +9570,7 @@ msgstr ""
"いことと同等です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:419
+#: sssd-krb5.5.xml:428
msgid ""
"<emphasis>try</emphasis> to use FAST. If the server does not support FAST, "
"continue the authentication without it."
@@ -9428,27 +9579,27 @@ msgstr ""
"いなければ、FAST を使用せずに認証を続行します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:429
+#: sssd-krb5.5.xml:438
msgid "Default: not set, i.e. FAST is not used."
msgstr "初期値: 設定されません、つまり FAST が使用されません。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:432
+#: sssd-krb5.5.xml:441
msgid "NOTE: a keytab is required to use FAST."
msgstr "注: キーテーブルは FAST を使用する必要があります。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:444
+#: sssd-krb5.5.xml:453
msgid "krb5_fast_principal (string)"
msgstr "krb5_fast_principal (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:447
+#: sssd-krb5.5.xml:456
msgid "Specifies the server principal to use for FAST."
msgstr "FAST に対して使用するサーバープリンシパルを指定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:456
+#: sssd-krb5.5.xml:465
msgid ""
"Specifies if the host and user principal should be canonicalized. This "
"feature is available with MIT Kerberos 1.7 and later versions."
@@ -9457,10 +9608,45 @@ msgstr ""
"MIT Kerberos 1.7 およびそれ以降で利用可能です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:505
+#: sssd-krb5.5.xml:514
msgid "Default: false (AD provider: true)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:520
+#, fuzzy
+#| msgid "krb5_use_fast (string)"
+msgid "krb5_map_user (string)"
+msgstr "krb5_use_fast (文字列)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:523
+msgid ""
+"The list of mappings is given as a comma-separated list of pairs "
+"<quote>username:primary</quote> where <quote>username</quote> is a UNIX user "
+"name and <quote>primary</quote> is a user part of a kerberos principal. This "
+"mapping is used when user is authenticating using <quote>auth_provider = "
+"krb5</quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-krb5.5.xml:535
+#, no-wrap
+msgid ""
+"krb5_realm = REALM\n"
+"krb5_map_user = joe:juser,dick:richard\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:540
+msgid ""
+"<quote>joe</quote> and <quote>dick</quote> are UNIX user names and "
+"<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos "
+"principals. For user <quote>joe</quote> resp. <quote>dick</quote> SSSD will "
+"try to kinit as <quote>juser@REALM</quote> resp. <quote>richard@REALM</"
+"quote>."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:65
msgid ""
@@ -9477,7 +9663,7 @@ msgstr ""
"quote> を参照してください。 <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:521
+#: sssd-krb5.5.xml:566
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -9489,7 +9675,7 @@ msgstr ""
"の設定のみを示し、識別プロバイダーを何も含みません。"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:529
+#: sssd-krb5.5.xml:574
#, no-wrap
msgid ""
" [domain/FOO]\n"
diff --git a/src/man/po/lv.po b/src/man/po/lv.po
index 5ab6c13ee..62980bf36 100644
--- a/src/man/po/lv.po
+++ b/src/man/po/lv.po
@@ -9,7 +9,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sssd-docs 1.12.2\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2015-02-18 16:52+0100\n"
+"POT-Creation-Date: 2015-06-12 10:36+0200\n"
"PO-Revision-Date: 2014-06-04 02:04-0400\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Latvian (http://www.transifex.com/projects/p/sssd/language/"
@@ -20,7 +20,7 @@ msgstr ""
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n != 0 ? 1 : "
"2);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#. type: Content of: <reference><title>
#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5
@@ -227,11 +227,11 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:81 sssd.conf.5.xml:571 sssd.conf.5.xml:1014
+#: sssd.conf.5.xml:81 sssd.conf.5.xml:602 sssd.conf.5.xml:1066
#: sssd-ldap.5.xml:1625 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1784
-#: sssd-ldap.5.xml:2273 sssd-ldap.5.xml:2338 sssd-ldap.5.xml:2356
+#: sssd-ldap.5.xml:2324 sssd-ldap.5.xml:2389 sssd-ldap.5.xml:2407
#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:413 sssd-ad.5.xml:166 sssd-ad.5.xml:264
-#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:490
+#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:499
msgid "Default: true"
msgstr ""
@@ -248,16 +248,16 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:94 sssd.conf.5.xml:968 sssd.conf.5.xml:2043
+#: sssd.conf.5.xml:94 sssd.conf.5.xml:1020 sssd.conf.5.xml:2095
#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1499 sssd-ldap.5.xml:1518
-#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2060 sssd-ipa.5.xml:139
-#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:257
-#: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462
+#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2111 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471
msgid "Default: false"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2081
+#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2132
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
@@ -294,7 +294,7 @@ msgid "The [sssd] section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:137 sssd.conf.5.xml:2127
+#: sssd.conf.5.xml:137 sssd.conf.5.xml:2179
msgid "Section parameters"
msgstr ""
@@ -363,7 +363,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:193 sssd.conf.5.xml:1826
+#: sssd.conf.5.xml:193 sssd.conf.5.xml:1878
msgid "re_expression (string)"
msgstr ""
@@ -383,12 +383,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:210 sssd.conf.5.xml:1877
+#: sssd.conf.5.xml:210 sssd.conf.5.xml:1929
msgid "full_name_format (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:213 sssd.conf.5.xml:1880
+#: sssd.conf.5.xml:213 sssd.conf.5.xml:1932
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to compose a "
@@ -396,39 +396,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:224 sssd.conf.5.xml:1891
+#: sssd.conf.5.xml:224 sssd.conf.5.xml:1943
msgid "%1$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225 sssd.conf.5.xml:1892
+#: sssd.conf.5.xml:225 sssd.conf.5.xml:1944
msgid "user name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:228 sssd.conf.5.xml:1895
+#: sssd.conf.5.xml:228 sssd.conf.5.xml:1947
msgid "%2$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:231 sssd.conf.5.xml:1898
+#: sssd.conf.5.xml:231 sssd.conf.5.xml:1950
msgid "domain name as specified in the SSSD config file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:237 sssd.conf.5.xml:1904
+#: sssd.conf.5.xml:237 sssd.conf.5.xml:1956
msgid "%3$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:240 sssd.conf.5.xml:1907
+#: sssd.conf.5.xml:240 sssd.conf.5.xml:1959
msgid ""
"domain flat name. Mostly usable for Active Directory domains, both directly "
"configured or discovered via IPA trusts."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221 sssd.conf.5.xml:1888
+#: sssd.conf.5.xml:221 sssd.conf.5.xml:1940
msgid ""
"The following expansions are supported: <placeholder type=\"variablelist\" "
"id=\"0\"/>"
@@ -545,8 +545,8 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:336 sssd-ldap.5.xml:663 sssd-ldap.5.xml:1458
#: sssd-ldap.5.xml:1470 sssd-ldap.5.xml:1552 sssd-ad.5.xml:557
-#: sssd-ad.5.xml:627 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203
-#: include/ldap_id_mapping.xml:214
+#: sssd-ad.5.xml:627 sssd-krb5.5.xml:410 sssd-krb5.5.xml:550
+#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214
msgid "Default: not set"
msgstr ""
@@ -649,18 +649,18 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:427 sssd.conf.5.xml:443 sssd.conf.5.xml:475
-#: sssd.conf.5.xml:702 sssd.conf.5.xml:888 sssd.conf.5.xml:1209
+#: sssd.conf.5.xml:733 sssd.conf.5.xml:919 sssd.conf.5.xml:1261
#: sssd-ldap.5.xml:1200
msgid "Default: 60"
msgstr "Noklusējuma: 60"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:432 sssd.conf.5.xml:1198
+#: sssd.conf.5.xml:432 sssd.conf.5.xml:1250
msgid "force_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:435 sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:435 sssd.conf.5.xml:1253
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -707,41 +707,93 @@ msgid ""
"will be forced to one hour."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:480
+msgid "subdomain_inherit (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:483
+msgid ""
+"Specifies a list of configuration parameters that should be inherited by a "
+"subdomain. Please note that only selected parameters can be inherited. "
+"Currently the following options can be inherited:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:489
+msgid "ignore_group_members"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:492
+msgid "ldap_purge_cache_timeout"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:495 sssd-ldap.5.xml:1017
+msgid "ldap_use_tokengroups"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:498
+msgid "ldap_user_principal"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:503
+#, no-wrap
+msgid ""
+"subdomain_inherit = ldap_purge_cache_timeout\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:501
+msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:507 sssd.conf.5.xml:963 sssd.conf.5.xml:984
+#: sssd.conf.5.xml:1244 sssd-ldap.5.xml:1753
+msgid "Default: none"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:484
+#: sssd.conf.5.xml:515
msgid "NSS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:486
+#: sssd.conf.5.xml:517
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:491
+#: sssd.conf.5.xml:522
msgid "enum_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:494
+#: sssd.conf.5.xml:525
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:498
+#: sssd.conf.5.xml:529
msgid "Default: 120"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:503
+#: sssd.conf.5.xml:534
msgid "entry_cache_nowait_percentage (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:506
+#: sssd.conf.5.xml:537
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -749,7 +801,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:512
+#: sssd.conf.5.xml:543
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -759,7 +811,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:553
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -768,17 +820,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:561
msgid "Default: 50"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:535
+#: sssd.conf.5.xml:566
msgid "entry_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:538
+#: sssd.conf.5.xml:569
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -786,17 +838,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:544 sssd.conf.5.xml:992
+#: sssd.conf.5.xml:575 sssd.conf.5.xml:1044
msgid "Default: 15"
msgstr "Noklusējuma: 15"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:549
+#: sssd.conf.5.xml:580
msgid "filter_users, filter_groups (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:552
+#: sssd.conf.5.xml:583
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -805,41 +857,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:559
+#: sssd.conf.5.xml:590
msgid "Default: root"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:564
+#: sssd.conf.5.xml:595
msgid "filter_users_in_groups (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:598
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:609
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:612
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586
+#: sssd.conf.5.xml:617
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:592
+#: sssd.conf.5.xml:623
#, no-wrap
msgid ""
"fallback_homedir = /home/%u\n"
@@ -847,22 +899,23 @@ msgid ""
msgstr ""
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:590 include/override_homedir.xml:55
+#: sssd.conf.5.xml:621 sssd.conf.5.xml:978 sssd-krb5.5.xml:533
+#: include/override_homedir.xml:55
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596
+#: sssd.conf.5.xml:627
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:633
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:636
msgid ""
"Override the login shell for all users. This option supersedes any other "
"shell options if it takes effect and can be set either in the [nss] section "
@@ -870,47 +923,47 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:611
+#: sssd.conf.5.xml:642
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:617
+#: sssd.conf.5.xml:648
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:620
+#: sssd.conf.5.xml:651
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:654
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:627
+#: sssd.conf.5.xml:658
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:632
+#: sssd.conf.5.xml:663
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:637
+#: sssd.conf.5.xml:668
msgid "The wildcard (*) can be used to allow any shell."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:640
+#: sssd.conf.5.xml:671
msgid ""
"The (*) is useful if you want to use shell_fallback in case that user's "
"shell is not in <quote>/etc/shells</quote> and maintaining list of all "
@@ -918,103 +971,103 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:647
+#: sssd.conf.5.xml:678
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:650
+#: sssd.conf.5.xml:681
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:654
+#: sssd.conf.5.xml:685
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:659
+#: sssd.conf.5.xml:690
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:662
+#: sssd.conf.5.xml:693
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:667
+#: sssd.conf.5.xml:698
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:670
+#: sssd.conf.5.xml:701
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:705
msgid "Default: /bin/sh"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:679
+#: sssd.conf.5.xml:710
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:682
+#: sssd.conf.5.xml:713
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option can be specified globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:719
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:695 sssd.conf.5.xml:881
+#: sssd.conf.5.xml:726 sssd.conf.5.xml:912
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:698 sssd.conf.5.xml:884
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:915
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:707
+#: sssd.conf.5.xml:738
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710
+#: sssd.conf.5.xml:741
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:714 sssd-ldap.5.xml:706
+#: sssd.conf.5.xml:745 sssd-ldap.5.xml:706
msgid "Default: 300"
msgstr "Noklusējuma: 300"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:719 sssd-ifp.5.xml:74
+#: sssd.conf.5.xml:750 sssd-ifp.5.xml:74
msgid "user_attributes (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:722
+#: sssd.conf.5.xml:753
msgid ""
"Some of the additional NSS responder requests can return more attributes "
"than just the POSIX ones defined by the NSS interface. The list of "
@@ -1025,72 +1078,72 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:735
+#: sssd.conf.5.xml:766
msgid ""
"To make configuration more easy the NSS responder will check the InfoPipe "
"option if it is not set for the NSS responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:740
+#: sssd.conf.5.xml:771
msgid "Default: not set, fallback to InfoPipe option"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:747
+#: sssd.conf.5.xml:778
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:749
+#: sssd.conf.5.xml:780
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:785
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:757
+#: sssd.conf.5.xml:788
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:762 sssd.conf.5.xml:775
+#: sssd.conf.5.xml:793 sssd.conf.5.xml:806
msgid "Default: 0 (No limit)"
msgstr "Noklusējuma: 0 (bez ierobežojuma)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:768
+#: sssd.conf.5.xml:799
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:771
+#: sssd.conf.5.xml:802
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:781
+#: sssd.conf.5.xml:812
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:784
+#: sssd.conf.5.xml:815
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:789
+#: sssd.conf.5.xml:820
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -1098,59 +1151,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:795 sssd.conf.5.xml:848
+#: sssd.conf.5.xml:826 sssd.conf.5.xml:879
msgid "Default: 5"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:832
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:835
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:809
+#: sssd.conf.5.xml:840
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:843
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:815
+#: sssd.conf.5.xml:846
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
+#: sssd.conf.5.xml:850
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:822
+#: sssd.conf.5.xml:853
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:826 sssd.8.xml:63
+#: sssd.conf.5.xml:857 sssd.8.xml:63
msgid "Default: 1"
msgstr "Noklusējuma: 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:831
+#: sssd.conf.5.xml:862
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:865
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1158,7 +1211,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:840
+#: sssd.conf.5.xml:871
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1167,17 +1220,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:854
+#: sssd.conf.5.xml:885
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:857 sssd.conf.5.xml:1390
+#: sssd.conf.5.xml:888 sssd.conf.5.xml:1442
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:860
+#: sssd.conf.5.xml:891
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1185,31 +1238,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:866 sssd.conf.5.xml:1393
+#: sssd.conf.5.xml:897 sssd.conf.5.xml:1445
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:871
+#: sssd.conf.5.xml:902
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876 sssd.8.xml:79
+#: sssd.conf.5.xml:907 sssd.8.xml:79
msgid "Default: 0"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:893
+#: sssd.conf.5.xml:924
msgid "pam_trusted_users (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:896
+#: sssd.conf.5.xml:927
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAM responder. User names are resolved to UIDs at "
@@ -1217,59 +1270,75 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:902
+#: sssd.conf.5.xml:933
msgid "Default: all (All users are allowed to access the PAM responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:906
+#: sssd.conf.5.xml:937
msgid ""
"Please note that UID 0 is always allowed to access the PAM responder even in "
"case it is not in the pam_trusted_users list."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:913
+#: sssd.conf.5.xml:944
msgid "pam_public_domains (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:947
msgid ""
"Specifies the comma-separated list of domain names that are accessible even "
"to untrusted users."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:920
+#: sssd.conf.5.xml:951
msgid "Two special values for pam_public_domains option are defined:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:955
msgid ""
"all (Untrusted users are allowed to access all domains in PAM responder.)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:959
msgid ""
"none (Untrusted users are not allowed to access any domains PAM in "
"responder.)"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:932 sssd.conf.5.xml:1192 sssd-ldap.5.xml:1753
-msgid "Default: none"
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:968
+msgid "pam_account_expired_message (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:971
+msgid ""
+"If user is authenticating using SSH keys and account is expired then by "
+"default 'Permission denied' is output. This output will be changed to "
+"content of this variable if it is set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:980
+#, no-wrap
+msgid ""
+"pam_account_expired_message = Account expired, please call help desk.\n"
+" "
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:941
+#: sssd.conf.5.xml:993
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:943
+#: sssd.conf.5.xml:995
msgid ""
"These options can be used to configure the sudo service. The detailed "
"instructions for configuration of <citerefentry> <refentrytitle>sudo</"
@@ -1280,34 +1349,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:1012
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:1015
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1028
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:978
+#: sssd.conf.5.xml:1030
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1034
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:985
+#: sssd.conf.5.xml:1037
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1315,51 +1384,51 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1001
+#: sssd.conf.5.xml:1053
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1003
+#: sssd.conf.5.xml:1055
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1007
+#: sssd.conf.5.xml:1059
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1010
+#: sssd.conf.5.xml:1062
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1019
+#: sssd.conf.5.xml:1071
msgid "ssh_known_hosts_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1022
+#: sssd.conf.5.xml:1074
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1026
+#: sssd.conf.5.xml:1078
msgid "Default: 180"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1086
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1036
+#: sssd.conf.5.xml:1088
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1371,7 +1440,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1045
+#: sssd.conf.5.xml:1097
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"determined with the help of the SID, trusted domains will have UPGs and the "
@@ -1382,24 +1451,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1053
+#: sssd.conf.5.xml:1105
msgid ""
"If there are SIDs of groups from domains sssd knows about, the user will be "
"added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1111
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1063 sssd-ifp.5.xml:50
+#: sssd.conf.5.xml:1115 sssd-ifp.5.xml:50
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1066
+#: sssd.conf.5.xml:1118
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1407,12 +1476,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1072
+#: sssd.conf.5.xml:1124
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1076
+#: sssd.conf.5.xml:1128
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1421,24 +1490,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1142
msgid "DOMAIN SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1149
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1100
+#: sssd.conf.5.xml:1152
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:1157
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1447,47 +1516,47 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1112
+#: sssd.conf.5.xml:1164
msgid ""
"These ID limits affect even saving entries to cache, not only returning them "
"by name or ID."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1116
+#: sssd.conf.5.xml:1168
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1122
+#: sssd.conf.5.xml:1174
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1125
+#: sssd.conf.5.xml:1177
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1181
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1132
+#: sssd.conf.5.xml:1184
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1135 sssd.conf.5.xml:1367 sssd.conf.5.xml:1476
-#: sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1187 sssd.conf.5.xml:1419 sssd.conf.5.xml:1528
+#: sssd.conf.5.xml:1545
msgid "Default: FALSE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138
+#: sssd.conf.5.xml:1190
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1499,14 +1568,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1151
+#: sssd.conf.5.xml:1203
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1156
+#: sssd.conf.5.xml:1208
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1515,39 +1584,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1164
+#: sssd.conf.5.xml:1216
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1172
+#: sssd.conf.5.xml:1224
msgid "subdomain_enumerate (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1179
+#: sssd.conf.5.xml:1231
msgid "all"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1180
+#: sssd.conf.5.xml:1232
msgid "All discovered trusted domains will be enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1183
+#: sssd.conf.5.xml:1235
msgid "none"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:1236
msgid "No discovered trusted domains will be enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1175
+#: sssd.conf.5.xml:1227
msgid ""
"Whether any of autodetected trusted domains should be enumerated. The "
"supported values are: <placeholder type=\"variablelist\" id=\"0\"/> "
@@ -1556,19 +1625,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1215
+#: sssd.conf.5.xml:1267
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1218
+#: sssd.conf.5.xml:1270
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1222
+#: sssd.conf.5.xml:1274
msgid ""
"The cache expiration timestamps are stored as attributes of individual "
"objects in the cache. Therefore, changing the cache timeout only has effect "
@@ -1579,150 +1648,151 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1235
+#: sssd.conf.5.xml:1287
msgid "Default: 5400"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1241
+#: sssd.conf.5.xml:1293
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1244
+#: sssd.conf.5.xml:1296
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248 sssd.conf.5.xml:1261 sssd.conf.5.xml:1274
-#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1300 sssd.conf.5.xml:1314
-#: sssd.conf.5.xml:1328
+#: sssd.conf.5.xml:1300 sssd.conf.5.xml:1313 sssd.conf.5.xml:1326
+#: sssd.conf.5.xml:1339 sssd.conf.5.xml:1352 sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1380
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1306
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1257
+#: sssd.conf.5.xml:1309
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1267
+#: sssd.conf.5.xml:1319
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1270
+#: sssd.conf.5.xml:1322
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1280
+#: sssd.conf.5.xml:1332
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1335
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1345
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1348
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1358
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1309
+#: sssd.conf.5.xml:1361
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1320
+#: sssd.conf.5.xml:1372
msgid "entry_cache_ssh_host_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1375
msgid ""
"How many seconds to keep a host ssh key after refresh. IE how long to cache "
"the host key for."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1334
+#: sssd.conf.5.xml:1386
msgid "refresh_expired_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1337
+#: sssd.conf.5.xml:1389
msgid ""
"Specifies how many seconds SSSD has to wait before triggering a background "
"refresh task which will refresh all expired or nearly expired records."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1342
-msgid "Currently only refreshing expired netgroups is supported."
+#: sssd.conf.5.xml:1394
+msgid ""
+"The background refresh will process users, groups and netgroups in the cache."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1398
msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350 sssd-ipa.5.xml:224
+#: sssd.conf.5.xml:1402 sssd-ipa.5.xml:224
msgid "Default: 0 (disabled)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1356
+#: sssd.conf.5.xml:1408
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1411
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1363
+#: sssd.conf.5.xml:1415
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1372
+#: sssd.conf.5.xml:1424
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1427
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1731,17 +1801,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1382
+#: sssd.conf.5.xml:1434
msgid "Default: 0 (unlimited)"
msgstr "Noklusējuma: 0 (neierobežots)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1387
+#: sssd.conf.5.xml:1439
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1398
+#: sssd.conf.5.xml:1450
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1750,33 +1820,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1405
+#: sssd.conf.5.xml:1457
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1411
+#: sssd.conf.5.xml:1463
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1414
+#: sssd.conf.5.xml:1466
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1418
+#: sssd.conf.5.xml:1470
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1421 sssd.conf.5.xml:1539
+#: sssd.conf.5.xml:1473 sssd.conf.5.xml:1591
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1425
+#: sssd.conf.5.xml:1477
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1784,8 +1854,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433 sssd.conf.5.xml:1519 sssd.conf.5.xml:1574
-#: sssd.conf.5.xml:1627
+#: sssd.conf.5.xml:1485 sssd.conf.5.xml:1571 sssd.conf.5.xml:1626
+#: sssd.conf.5.xml:1679
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1794,8 +1864,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1442 sssd.conf.5.xml:1528 sssd.conf.5.xml:1583
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1494 sssd.conf.5.xml:1580 sssd.conf.5.xml:1635
+#: sssd.conf.5.xml:1688
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1803,19 +1873,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1505
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1508
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1461
+#: sssd.conf.5.xml:1513
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1824,7 +1894,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1521
msgid ""
"NOTE: This option has no effect on netgroup lookups due to their tendency to "
"include nested netgroups without qualified names. For netgroups, all domains "
@@ -1832,17 +1902,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1533
msgid "ignore_group_members (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1536
msgid "Do not return group members for group lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1487
+#: sssd.conf.5.xml:1539
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1850,19 +1920,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1550
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1501
+#: sssd.conf.5.xml:1553
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505 sssd.conf.5.xml:1567
+#: sssd.conf.5.xml:1557 sssd.conf.5.xml:1619
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1870,7 +1940,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1512
+#: sssd.conf.5.xml:1564
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1878,30 +1948,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1588
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1595
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1546
+#: sssd.conf.5.xml:1598
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1604
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1607
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1909,19 +1979,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1613
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1616
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1591
+#: sssd.conf.5.xml:1643
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1930,24 +2000,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1650
msgid "Default: <quote>permit</quote>"
msgstr "Noklusējuma: <quote>atļaut</quote>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1603
+#: sssd.conf.5.xml:1655
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1606
+#: sssd.conf.5.xml:1658
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1611
+#: sssd.conf.5.xml:1663
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1955,7 +2025,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1671
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1963,35 +2033,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1696
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1700
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1651
+#: sssd.conf.5.xml:1703
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1710
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1661
+#: sssd.conf.5.xml:1713
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1665
+#: sssd.conf.5.xml:1717
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1999,32 +2069,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1725
msgid ""
"<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default "
"settings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1729
msgid ""
"<quote>ad</quote> the same as <quote>ldap</quote> but with AD default "
"settings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1681
+#: sssd.conf.5.xml:1733
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1684 sssd.conf.5.xml:1762 sssd.conf.5.xml:1794
-#: sssd.conf.5.xml:1819
+#: sssd.conf.5.xml:1736 sssd.conf.5.xml:1814 sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1871
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1688
+#: sssd.conf.5.xml:1740
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -2035,12 +2105,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1757
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1760
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -2048,7 +2118,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1714
+#: sssd.conf.5.xml:1766
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2056,31 +2126,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1722
+#: sssd.conf.5.xml:1774
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1725
+#: sssd.conf.5.xml:1777
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1731
+#: sssd.conf.5.xml:1783
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1734
+#: sssd.conf.5.xml:1786
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740
+#: sssd.conf.5.xml:1792
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2088,7 +2158,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1749
+#: sssd.conf.5.xml:1801
msgid ""
"<quote>ad</quote> to load a list of subdomains from an Active Directory "
"server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> "
@@ -2097,23 +2167,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1810
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1769
+#: sssd.conf.5.xml:1821
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1772
+#: sssd.conf.5.xml:1824
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1828
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2121,7 +2191,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1783
+#: sssd.conf.5.xml:1835
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2129,24 +2199,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1843
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1853
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1804
+#: sssd.conf.5.xml:1856
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1808
+#: sssd.conf.5.xml:1860
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2154,12 +2224,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1816
+#: sssd.conf.5.xml:1868
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1829
+#: sssd.conf.5.xml:1881
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components. The \"domain\" can "
@@ -2169,7 +2239,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1838
+#: sssd.conf.5.xml:1890
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -2178,29 +2248,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1843
+#: sssd.conf.5.xml:1895
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1898
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1849
+#: sssd.conf.5.xml:1901
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1852
+#: sssd.conf.5.xml:1904
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1857
+#: sssd.conf.5.xml:1909
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -2208,7 +2278,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1863
+#: sssd.conf.5.xml:1915
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -2216,66 +2286,66 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1870
+#: sssd.conf.5.xml:1922
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1917
+#: sssd.conf.5.xml:1969
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "Noklusējuma: <quote>%1$s@%2$s</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1923
+#: sssd.conf.5.xml:1975
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1926
+#: sssd.conf.5.xml:1978
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1930
+#: sssd.conf.5.xml:1982
msgid "Supported values:"
msgstr "Atbalstītās vērtības:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1933
+#: sssd.conf.5.xml:1985
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1936
+#: sssd.conf.5.xml:1988
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1939
+#: sssd.conf.5.xml:1991
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1942
+#: sssd.conf.5.xml:1994
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1945
+#: sssd.conf.5.xml:1997
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1951
+#: sssd.conf.5.xml:2003
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1954
+#: sssd.conf.5.xml:2006
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -2283,70 +2353,70 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1960 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
-#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:239
+#: sssd.conf.5.xml:2012 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
+#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:248
msgid "Default: 6"
msgstr "Noklusējuma: 6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1966
+#: sssd.conf.5.xml:2018
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1969
+#: sssd.conf.5.xml:2021
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1973
+#: sssd.conf.5.xml:2025
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1979
+#: sssd.conf.5.xml:2031
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1982
+#: sssd.conf.5.xml:2034
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1988
+#: sssd.conf.5.xml:2040
msgid "case_sensitive (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1996
+#: sssd.conf.5.xml:2048
msgid "True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1999
+#: sssd.conf.5.xml:2051
msgid "Case sensitive. This value is invalid for AD provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2005
+#: sssd.conf.5.xml:2057
msgid "False"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2007
+#: sssd.conf.5.xml:2059
msgid "Case insensitive."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2011
+#: sssd.conf.5.xml:2063
msgid "Preserving"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2014
+#: sssd.conf.5.xml:2066
msgid ""
"Same as False (case insensitive), but does not lowercase names in the result "
"of NSS operations. Note that name aliases (and in case of services also "
@@ -2354,7 +2424,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1991
+#: sssd.conf.5.xml:2043
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider. Possible option values are: "
@@ -2362,17 +2432,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2026
+#: sssd.conf.5.xml:2078
msgid "Default: True (False for AD provider)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2032
+#: sssd.conf.5.xml:2084
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2035
+#: sssd.conf.5.xml:2087
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2381,22 +2451,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2049
+#: sssd.conf.5.xml:2101
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2060
+#: sssd.conf.5.xml:2112
msgid "%F"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2061
+#: sssd.conf.5.xml:2113
msgid "flat (NetBIOS) name of a subdomain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2052
+#: sssd.conf.5.xml:2104
msgid ""
"Use this homedir as default value for all subdomains within this domain in "
"IPA AD trust. See <emphasis>override_homedir</emphasis> for info about "
@@ -2406,29 +2476,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2066
+#: sssd.conf.5.xml:2118
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2070
+#: sssd.conf.5.xml:2122
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2075
+#: sssd.conf.5.xml:2127
msgid "realmd_tags (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2078
+#: sssd.conf.5.xml:2130
msgid ""
"Various tags stored by the realmd configuration service for this domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1092
+#: sssd.conf.5.xml:1144
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2436,29 +2506,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2091
+#: sssd.conf.5.xml:2143
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2094
+#: sssd.conf.5.xml:2146
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2097
+#: sssd.conf.5.xml:2149
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2105
+#: sssd.conf.5.xml:2157
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2108
+#: sssd.conf.5.xml:2160
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2466,19 +2536,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2087
+#: sssd.conf.5.xml:2139
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:2120
+#: sssd.conf.5.xml:2172
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:2122
+#: sssd.conf.5.xml:2174
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2486,73 +2556,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2129
+#: sssd.conf.5.xml:2181
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2132
+#: sssd.conf.5.xml:2184
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2136
+#: sssd.conf.5.xml:2188
msgid "Default: <filename>/bin/bash</filename>"
msgstr "Noklusējuma: <filename>/bin/bash</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2141
+#: sssd.conf.5.xml:2193
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2144
+#: sssd.conf.5.xml:2196
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2149
+#: sssd.conf.5.xml:2201
msgid "Default: <filename>/home</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2154
+#: sssd.conf.5.xml:2206
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2157
+#: sssd.conf.5.xml:2209
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2173
+#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2225
msgid "Default: TRUE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2166
+#: sssd.conf.5.xml:2218
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2169
+#: sssd.conf.5.xml:2221
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2178
+#: sssd.conf.5.xml:2230
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2181
+#: sssd.conf.5.xml:2233
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2560,17 +2630,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2189
+#: sssd.conf.5.xml:2241
msgid "Default: 077"
msgstr "Noklusējuma: 077"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2194
+#: sssd.conf.5.xml:2246
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2197
+#: sssd.conf.5.xml:2249
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2579,17 +2649,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2207
+#: sssd.conf.5.xml:2259
msgid "Default: <filename>/etc/skel</filename>"
msgstr "Noklusējuma: <filename>/etc/skel</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2212
+#: sssd.conf.5.xml:2264
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2215
+#: sssd.conf.5.xml:2267
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2597,17 +2667,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2222
+#: sssd.conf.5.xml:2274
msgid "Default: <filename>/var/mail</filename>"
msgstr "Noklusējuma: <filename>/var/mail</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2227
+#: sssd.conf.5.xml:2279
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2230
+#: sssd.conf.5.xml:2282
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2615,19 +2685,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2236
+#: sssd.conf.5.xml:2288
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:2246 sssd-ldap.5.xml:2518 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:519
+#: sssd.conf.5.xml:2298 sssd-ldap.5.xml:2569 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:564
#: sss_rpcidmapd.5.xml:98
msgid "EXAMPLE"
msgstr "PIEMĒRS"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:2252
+#: sssd.conf.5.xml:2304
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2657,7 +2727,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2248
+#: sssd.conf.5.xml:2300
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -3496,7 +3566,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:738 sssd-ldap.5.xml:831 sssd-ldap.5.xml:1058
-#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2102 sssd-ldap.5.xml:2441
+#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2153 sssd-ldap.5.xml:2492
#: sssd-ipa.5.xml:591
msgid "Default: cn"
msgstr ""
@@ -3777,11 +3847,6 @@ msgid ""
"dealing with complex or deep nested groups)."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1017
-msgid "ldap_use_tokengroups"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1020
msgid ""
@@ -4016,7 +4081,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2259
+#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2310
msgid "Default: 900 (15 minutes)"
msgstr ""
@@ -4467,7 +4532,7 @@ msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:453
+#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:462
msgid "krb5_canonicalize (boolean)"
msgstr ""
@@ -4479,12 +4544,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:468
+#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:477
msgid "krb5_use_kdcinfo (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:471
+#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:480
msgid ""
"Specifies if the SSSD should instruct the Kerberos libraries what realm and "
"which KDCs to use. This option is on by default, if you disable it, you need "
@@ -4494,7 +4559,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:482
+#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:491
msgid ""
"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
@@ -4762,40 +4827,93 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1958
+msgid ""
+"<emphasis> Please note that this option is superseded by the <quote>ppolicy</"
+"quote> option and might be removed in a future release. </emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1965
+msgid ""
+"<emphasis>ppolicy</emphasis>: use account locking. If set, this option "
+"denies access in case that ldap attribute 'pwdAccountLockedTime' is present "
+"and has value of '000001010000Z' or represents any time in the past. The "
+"value of the 'pwdAccountLockedTime' attribute must end with 'Z', which "
+"denotes the UTC time zone. Other time zones are not currently supported and "
+"will result in \"access-denied\" when users attempt to log in. Please see "
+"the option ldap_pwdlockout_dn. Please note that 'access_provider = ldap' "
+"must be set for this feature to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1982
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1962
+#: sssd-ldap.5.xml:1986
+msgid ""
+"<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, "
+"pwd_expire_policy_renew: </emphasis> These options are useful if users are "
+"interested in being warned that password is about to expire and "
+"authentication is based on using a different method than passwords - for "
+"example SSH keys."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1996
+msgid ""
+"The difference between these options is the action taken if user password is "
+"expired: pwd_expire_policy_reject - user is denied to log in, "
+"pwd_expire_policy_warn - user is still able to log in, "
+"pwd_expire_policy_renew - user is prompted to change his password "
+"immediately."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2004
+msgid ""
+"Note If user password is expired no explicit message is prompted by SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2008
+msgid ""
+"Please note that 'access_provider = ldap' must be set for this feature to "
+"work. Also 'ldap_pwd_policy' must be set to an appropriate password policy."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2013
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2018
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1971
+#: sssd-ldap.5.xml:2022
msgid "Default: filter"
msgstr "Noklusējuma: filtrēt"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1974
+#: sssd-ldap.5.xml:2025
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1981
+#: sssd-ldap.5.xml:2032
msgid "ldap_pwdlockout_dn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2035
msgid ""
"This option specifies the DN of password policy entry on LDAP server. Please "
"note that absence of this option in sssd.conf in case of enabled account "
@@ -4804,74 +4922,74 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1992
+#: sssd-ldap.5.xml:2043
msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1995
+#: sssd-ldap.5.xml:2046
msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2001
+#: sssd-ldap.5.xml:2052
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2004
+#: sssd-ldap.5.xml:2055
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2009
+#: sssd-ldap.5.xml:2060
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013
+#: sssd-ldap.5.xml:2064
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018
+#: sssd-ldap.5.xml:2069
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2023
+#: sssd-ldap.5.xml:2074
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2028
+#: sssd-ldap.5.xml:2079
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2036
+#: sssd-ldap.5.xml:2087
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2039
+#: sssd-ldap.5.xml:2090
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2094
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -4882,7 +5000,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2054
+#: sssd-ldap.5.xml:2105
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -4900,12 +5018,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2070
+#: sssd-ldap.5.xml:2121
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2123
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -4913,208 +5031,208 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2083
+#: sssd-ldap.5.xml:2134
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2086
+#: sssd-ldap.5.xml:2137
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2089
+#: sssd-ldap.5.xml:2140
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2095
+#: sssd-ldap.5.xml:2146
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2098
+#: sssd-ldap.5.xml:2149
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2108
+#: sssd-ldap.5.xml:2159
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2111
+#: sssd-ldap.5.xml:2162
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2166
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2172
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2124
+#: sssd-ldap.5.xml:2175
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2129
+#: sssd-ldap.5.xml:2180
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2186
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2138
+#: sssd-ldap.5.xml:2189
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2193
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2148
+#: sssd-ldap.5.xml:2199
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2202
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2155
+#: sssd-ldap.5.xml:2206
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2161
+#: sssd-ldap.5.xml:2212
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2215
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2168
+#: sssd-ldap.5.xml:2219
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2174
+#: sssd-ldap.5.xml:2225
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2228
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2181
+#: sssd-ldap.5.xml:2232
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2187
+#: sssd-ldap.5.xml:2238
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2241
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194
+#: sssd-ldap.5.xml:2245
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2200
+#: sssd-ldap.5.xml:2251
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2203
+#: sssd-ldap.5.xml:2254
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2259
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2214
+#: sssd-ldap.5.xml:2265
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2217
+#: sssd-ldap.5.xml:2268
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2221
+#: sssd-ldap.5.xml:2272
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2227
+#: sssd-ldap.5.xml:2278
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2230
+#: sssd-ldap.5.xml:2281
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2235
+#: sssd-ldap.5.xml:2286
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2240
+#: sssd-ldap.5.xml:2291
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2246
+#: sssd-ldap.5.xml:2297
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2249
+#: sssd-ldap.5.xml:2300
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -5122,101 +5240,101 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2255
+#: sssd-ldap.5.xml:2306
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2265
+#: sssd-ldap.5.xml:2316
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2268
+#: sssd-ldap.5.xml:2319
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2279
+#: sssd-ldap.5.xml:2330
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2333
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2287
+#: sssd-ldap.5.xml:2338
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2292 sssd-ldap.5.xml:2315 sssd-ldap.5.xml:2333
-#: sssd-ldap.5.xml:2351
+#: sssd-ldap.5.xml:2343 sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2402
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2320
+#: sssd-ldap.5.xml:2348 sssd-ldap.5.xml:2371
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2303
+#: sssd-ldap.5.xml:2354
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2306
+#: sssd-ldap.5.xml:2357
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2311
+#: sssd-ldap.5.xml:2362
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2326
+#: sssd-ldap.5.xml:2377
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2329
+#: sssd-ldap.5.xml:2380
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2344
+#: sssd-ldap.5.xml:2395
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2347
+#: sssd-ldap.5.xml:2398
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2363
+#: sssd-ldap.5.xml:2414
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -5225,91 +5343,91 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2373
+#: sssd-ldap.5.xml:2424
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2375
+#: sssd-ldap.5.xml:2426
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2381
+#: sssd-ldap.5.xml:2432
msgid "ldap_autofs_map_master_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2435
msgid "The name of the automount master map in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2387
+#: sssd-ldap.5.xml:2438
msgid "Default: auto.master"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2394
+#: sssd-ldap.5.xml:2445
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2397 sssd-ldap.5.xml:2423
+#: sssd-ldap.5.xml:2448 sssd-ldap.5.xml:2474
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2400 sssd-ldap.5.xml:2427
+#: sssd-ldap.5.xml:2451 sssd-ldap.5.xml:2478
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2407
+#: sssd-ldap.5.xml:2458
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2410
+#: sssd-ldap.5.xml:2461
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2413
+#: sssd-ldap.5.xml:2464
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2420
+#: sssd-ldap.5.xml:2471
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2434
+#: sssd-ldap.5.xml:2485
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2437 sssd-ldap.5.xml:2451
+#: sssd-ldap.5.xml:2488 sssd-ldap.5.xml:2502
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2448
+#: sssd-ldap.5.xml:2499
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2455
+#: sssd-ldap.5.xml:2506
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2379
+#: sssd-ldap.5.xml:2430
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -5318,32 +5436,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2465
+#: sssd-ldap.5.xml:2516
msgid "ADVANCED OPTIONS"
msgstr "PAPLAŠINĀTĀS IESPĒJAS"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2472
+#: sssd-ldap.5.xml:2523
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2477
+#: sssd-ldap.5.xml:2528
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2482
+#: sssd-ldap.5.xml:2533
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note>
-#: sssd-ldap.5.xml:2487
+#: sssd-ldap.5.xml:2538
msgid "<note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para>
-#: sssd-ldap.5.xml:2489
+#: sssd-ldap.5.xml:2540
msgid ""
"If the option <quote>ldap_use_tokengroups</quote> is enabled. The searches "
"against Active Directory will not be restricted and return all groups "
@@ -5352,22 +5470,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist>
-#: sssd-ldap.5.xml:2496
+#: sssd-ldap.5.xml:2547
msgid "</note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2498
+#: sssd-ldap.5.xml:2549
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2503
+#: sssd-ldap.5.xml:2554
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2467
+#: sssd-ldap.5.xml:2518
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -5376,7 +5494,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2520
+#: sssd-ldap.5.xml:2571
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -5384,7 +5502,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2526
+#: sssd-ldap.5.xml:2577
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5397,26 +5515,26 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2525 sssd-ldap.5.xml:2543 sssd-simple.5.xml:139
+#: sssd-ldap.5.xml:2576 sssd-ldap.5.xml:2594 sssd-simple.5.xml:139
#: sssd-ipa.5.xml:726 sssd-ad.5.xml:851 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98
-#: sssd-krb5.5.xml:528 include/ldap_id_mapping.xml:105
+#: sssd-krb5.5.xml:573 include/ldap_id_mapping.xml:105
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2537
+#: sssd-ldap.5.xml:2588
msgid "LDAP ACCESS FILTER EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2539
+#: sssd-ldap.5.xml:2590
msgid ""
"The following example assumes that SSSD is correctly configured and to use "
"the ldap_access_order=lockout."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2544
+#: sssd-ldap.5.xml:2595
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5432,13 +5550,13 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2559 sssd_krb5_locator_plugin.8.xml:61
+#: sssd-ldap.5.xml:2610 sssd_krb5_locator_plugin.8.xml:61
#: sssd-simple.5.xml:148 sssd-ad.5.xml:866 sssd.8.xml:195 sss_seed.8.xml:163
msgid "NOTES"
msgstr "PIEZĪMES"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2561
+#: sssd-ldap.5.xml:2612
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -6198,7 +6316,7 @@ msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:245
+#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:254
msgid "krb5_validate (boolean)"
msgstr ""
@@ -6239,12 +6357,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:407
+#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:416
msgid "krb5_use_fast (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:410
+#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:419
msgid ""
"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
"authentication. The following options are supported:"
@@ -6264,7 +6382,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:424
+#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:433
msgid ""
"<emphasis>demand</emphasis> to use FAST. The authentication fails if the "
"server does not require fast."
@@ -6276,7 +6394,7 @@ msgid "Default: try"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:435
+#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:444
msgid ""
"NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If "
"SSSD is used with an older version of MIT Kerberos, using this option is a "
@@ -7360,12 +7478,12 @@ msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:797 sssd-krb5.5.xml:496
+#: sssd-ad.5.xml:797 sssd-krb5.5.xml:505
msgid "krb5_use_enterprise_principal (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:800 sssd-krb5.5.xml:499
+#: sssd-ad.5.xml:800 sssd-krb5.5.xml:508
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
@@ -8308,16 +8426,24 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:225
+msgid ""
+"NOTE: Please be aware that libkrb5 ccache expansion template from "
+"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> uses different expansion sequences than SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:234
msgid "Default: (from libkrb5)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:231
+#: sssd-krb5.5.xml:240
msgid "krb5_auth_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:234
+#: sssd-krb5.5.xml:243
msgid ""
"Timeout in seconds after an online authentication request or change password "
"request is aborted. If possible, the authentication request is continued "
@@ -8325,7 +8451,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:248
+#: sssd-krb5.5.xml:257
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed. The keytab is checked for entries sequentially, and the first entry "
@@ -8336,36 +8462,36 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:263
+#: sssd-krb5.5.xml:272
msgid "krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:275
msgid ""
"The location of the keytab to use when validating credentials obtained from "
"KDCs."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:270
+#: sssd-krb5.5.xml:279
msgid "Default: /etc/krb5.keytab"
msgstr "Noklusējuma: /etc/krb5.keytab"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:276
+#: sssd-krb5.5.xml:285
msgid "krb5_store_password_if_offline (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:279
+#: sssd-krb5.5.xml:288
msgid ""
"Store the password of the user if the provider is offline and use it to "
"request a TGT when the provider comes online again."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:284
+#: sssd-krb5.5.xml:293
msgid ""
"NOTE: this feature is only available on Linux. Passwords stored in this way "
"are kept in plaintext in the kernel keyring and are potentially accessible "
@@ -8373,91 +8499,91 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:297
+#: sssd-krb5.5.xml:306
msgid "krb5_renewable_lifetime (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:300
+#: sssd-krb5.5.xml:309
msgid ""
"Request a renewable ticket with a total lifetime, given as an integer "
"immediately followed by a time unit:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:305 sssd-krb5.5.xml:339 sssd-krb5.5.xml:376
+#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
msgid "<emphasis>s</emphasis> for seconds"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:308 sssd-krb5.5.xml:342 sssd-krb5.5.xml:379
+#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:351 sssd-krb5.5.xml:388
msgid "<emphasis>m</emphasis> for minutes"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:311 sssd-krb5.5.xml:345 sssd-krb5.5.xml:382
+#: sssd-krb5.5.xml:320 sssd-krb5.5.xml:354 sssd-krb5.5.xml:391
msgid "<emphasis>h</emphasis> for hours"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
+#: sssd-krb5.5.xml:323 sssd-krb5.5.xml:357 sssd-krb5.5.xml:394
msgid "<emphasis>d</emphasis> for days."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:388
+#: sssd-krb5.5.xml:326 sssd-krb5.5.xml:397
msgid "If there is no unit given, <emphasis>s</emphasis> is assumed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:321 sssd-krb5.5.xml:392
+#: sssd-krb5.5.xml:330 sssd-krb5.5.xml:401
msgid ""
"NOTE: It is not possible to mix units. To set the renewable lifetime to one "
"and a half hours, use '90m' instead of '1h30m'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:326
+#: sssd-krb5.5.xml:335
msgid "Default: not set, i.e. the TGT is not renewable"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:332
+#: sssd-krb5.5.xml:341
msgid "krb5_lifetime (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:335
+#: sssd-krb5.5.xml:344
msgid ""
"Request ticket with a lifetime, given as an integer immediately followed by "
"a time unit:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:351
+#: sssd-krb5.5.xml:360
msgid "If there is no unit given <emphasis>s</emphasis> is assumed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:355
+#: sssd-krb5.5.xml:364
msgid ""
"NOTE: It is not possible to mix units. To set the lifetime to one and a "
"half hours please use '90m' instead of '1h30m'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:360
+#: sssd-krb5.5.xml:369
msgid ""
"Default: not set, i.e. the default ticket lifetime configured on the KDC."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:367
+#: sssd-krb5.5.xml:376
msgid "krb5_renew_interval (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:370
+#: sssd-krb5.5.xml:379
msgid ""
"The time in seconds between two checks if the TGT should be renewed. TGTs "
"are renewed if about half of their lifetime is exceeded, given as an integer "
@@ -8465,56 +8591,89 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:397
+#: sssd-krb5.5.xml:406
msgid "If this option is not set or is 0 the automatic renewal is disabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:415
+#: sssd-krb5.5.xml:424
msgid ""
"<emphasis>never</emphasis> use FAST. This is equivalent to not setting this "
"option at all."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:419
+#: sssd-krb5.5.xml:428
msgid ""
"<emphasis>try</emphasis> to use FAST. If the server does not support FAST, "
"continue the authentication without it."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:429
+#: sssd-krb5.5.xml:438
msgid "Default: not set, i.e. FAST is not used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:432
+#: sssd-krb5.5.xml:441
msgid "NOTE: a keytab is required to use FAST."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:444
+#: sssd-krb5.5.xml:453
msgid "krb5_fast_principal (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:447
+#: sssd-krb5.5.xml:456
msgid "Specifies the server principal to use for FAST."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:456
+#: sssd-krb5.5.xml:465
msgid ""
"Specifies if the host and user principal should be canonicalized. This "
"feature is available with MIT Kerberos 1.7 and later versions."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:505
+#: sssd-krb5.5.xml:514
msgid "Default: false (AD provider: true)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:520
+msgid "krb5_map_user (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:523
+msgid ""
+"The list of mappings is given as a comma-separated list of pairs "
+"<quote>username:primary</quote> where <quote>username</quote> is a UNIX user "
+"name and <quote>primary</quote> is a user part of a kerberos principal. This "
+"mapping is used when user is authenticating using <quote>auth_provider = "
+"krb5</quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-krb5.5.xml:535
+#, no-wrap
+msgid ""
+"krb5_realm = REALM\n"
+"krb5_map_user = joe:juser,dick:richard\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:540
+msgid ""
+"<quote>joe</quote> and <quote>dick</quote> are UNIX user names and "
+"<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos "
+"principals. For user <quote>joe</quote> resp. <quote>dick</quote> SSSD will "
+"try to kinit as <quote>juser@REALM</quote> resp. <quote>richard@REALM</"
+"quote>."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:65
msgid ""
@@ -8526,7 +8685,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:521
+#: sssd-krb5.5.xml:566
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -8535,7 +8694,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:529
+#: sssd-krb5.5.xml:574
#, no-wrap
msgid ""
" [domain/FOO]\n"
diff --git a/src/man/po/nl.po b/src/man/po/nl.po
index 4dbc9cac6..7cb358adc 100644
--- a/src/man/po/nl.po
+++ b/src/man/po/nl.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sssd-docs 1.12.2\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2015-02-18 16:52+0100\n"
+"POT-Creation-Date: 2015-06-12 10:36+0200\n"
"PO-Revision-Date: 2014-06-04 02:04-0400\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Dutch (http://www.transifex.com/projects/p/sssd/language/"
@@ -18,7 +18,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#. type: Content of: <reference><title>
#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5
@@ -254,11 +254,11 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:81 sssd.conf.5.xml:571 sssd.conf.5.xml:1014
+#: sssd.conf.5.xml:81 sssd.conf.5.xml:602 sssd.conf.5.xml:1066
#: sssd-ldap.5.xml:1625 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1784
-#: sssd-ldap.5.xml:2273 sssd-ldap.5.xml:2338 sssd-ldap.5.xml:2356
+#: sssd-ldap.5.xml:2324 sssd-ldap.5.xml:2389 sssd-ldap.5.xml:2407
#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:413 sssd-ad.5.xml:166 sssd-ad.5.xml:264
-#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:490
+#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:499
msgid "Default: true"
msgstr "Standaard: true"
@@ -275,16 +275,16 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:94 sssd.conf.5.xml:968 sssd.conf.5.xml:2043
+#: sssd.conf.5.xml:94 sssd.conf.5.xml:1020 sssd.conf.5.xml:2095
#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1499 sssd-ldap.5.xml:1518
-#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2060 sssd-ipa.5.xml:139
-#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:257
-#: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462
+#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2111 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471
msgid "Default: false"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2081
+#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2132
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
@@ -321,7 +321,7 @@ msgid "The [sssd] section"
msgstr "De [sssd] sectie"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:137 sssd.conf.5.xml:2127
+#: sssd.conf.5.xml:137 sssd.conf.5.xml:2179
msgid "Section parameters"
msgstr "Sectie parameters"
@@ -395,7 +395,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:193 sssd.conf.5.xml:1826
+#: sssd.conf.5.xml:193 sssd.conf.5.xml:1878
msgid "re_expression (string)"
msgstr "re_expression (tekst)"
@@ -415,12 +415,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:210 sssd.conf.5.xml:1877
+#: sssd.conf.5.xml:210 sssd.conf.5.xml:1929
msgid "full_name_format (string)"
msgstr "full_name_format (tekst)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:213 sssd.conf.5.xml:1880
+#: sssd.conf.5.xml:213 sssd.conf.5.xml:1932
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to compose a "
@@ -428,39 +428,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:224 sssd.conf.5.xml:1891
+#: sssd.conf.5.xml:224 sssd.conf.5.xml:1943
msgid "%1$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225 sssd.conf.5.xml:1892
+#: sssd.conf.5.xml:225 sssd.conf.5.xml:1944
msgid "user name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:228 sssd.conf.5.xml:1895
+#: sssd.conf.5.xml:228 sssd.conf.5.xml:1947
msgid "%2$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:231 sssd.conf.5.xml:1898
+#: sssd.conf.5.xml:231 sssd.conf.5.xml:1950
msgid "domain name as specified in the SSSD config file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:237 sssd.conf.5.xml:1904
+#: sssd.conf.5.xml:237 sssd.conf.5.xml:1956
msgid "%3$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:240 sssd.conf.5.xml:1907
+#: sssd.conf.5.xml:240 sssd.conf.5.xml:1959
msgid ""
"domain flat name. Mostly usable for Active Directory domains, both directly "
"configured or discovered via IPA trusts."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221 sssd.conf.5.xml:1888
+#: sssd.conf.5.xml:221 sssd.conf.5.xml:1940
msgid ""
"The following expansions are supported: <placeholder type=\"variablelist\" "
"id=\"0\"/>"
@@ -593,8 +593,8 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:336 sssd-ldap.5.xml:663 sssd-ldap.5.xml:1458
#: sssd-ldap.5.xml:1470 sssd-ldap.5.xml:1552 sssd-ad.5.xml:557
-#: sssd-ad.5.xml:627 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203
-#: include/ldap_id_mapping.xml:214
+#: sssd-ad.5.xml:627 sssd-krb5.5.xml:410 sssd-krb5.5.xml:550
+#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214
msgid "Default: not set"
msgstr ""
@@ -697,18 +697,18 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:427 sssd.conf.5.xml:443 sssd.conf.5.xml:475
-#: sssd.conf.5.xml:702 sssd.conf.5.xml:888 sssd.conf.5.xml:1209
+#: sssd.conf.5.xml:733 sssd.conf.5.xml:919 sssd.conf.5.xml:1261
#: sssd-ldap.5.xml:1200
msgid "Default: 60"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:432 sssd.conf.5.xml:1198
+#: sssd.conf.5.xml:432 sssd.conf.5.xml:1250
msgid "force_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:435 sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:435 sssd.conf.5.xml:1253
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -755,13 +755,65 @@ msgid ""
"will be forced to one hour."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:480
+msgid "subdomain_inherit (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:483
+msgid ""
+"Specifies a list of configuration parameters that should be inherited by a "
+"subdomain. Please note that only selected parameters can be inherited. "
+"Currently the following options can be inherited:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:489
+msgid "ignore_group_members"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:492
+msgid "ldap_purge_cache_timeout"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:495 sssd-ldap.5.xml:1017
+msgid "ldap_use_tokengroups"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:498
+msgid "ldap_user_principal"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:503
+#, no-wrap
+msgid ""
+"subdomain_inherit = ldap_purge_cache_timeout\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:501
+msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:507 sssd.conf.5.xml:963 sssd.conf.5.xml:984
+#: sssd.conf.5.xml:1244 sssd-ldap.5.xml:1753
+msgid "Default: none"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:484
+#: sssd.conf.5.xml:515
msgid "NSS configuration options"
msgstr "NSS configuratie-opties"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:486
+#: sssd.conf.5.xml:517
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
@@ -769,12 +821,12 @@ msgstr ""
"configurere."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:491
+#: sssd.conf.5.xml:522
msgid "enum_cache_timeout (integer)"
msgstr "enum_cache_timeout (numeriek)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:494
+#: sssd.conf.5.xml:525
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
@@ -783,17 +835,17 @@ msgstr ""
"over alle gebruikers)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:498
+#: sssd.conf.5.xml:529
msgid "Default: 120"
msgstr "Standaard: 120"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:503
+#: sssd.conf.5.xml:534
msgid "entry_cache_nowait_percentage (integer)"
msgstr "entry_cache_nowait_percentage (numeriek)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:506
+#: sssd.conf.5.xml:537
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -801,7 +853,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:512
+#: sssd.conf.5.xml:543
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -811,7 +863,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:553
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -820,17 +872,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:561
msgid "Default: 50"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:535
+#: sssd.conf.5.xml:566
msgid "entry_negative_timeout (integer)"
msgstr "entry_negative_timeout (numeriek)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:538
+#: sssd.conf.5.xml:569
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -838,17 +890,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:544 sssd.conf.5.xml:992
+#: sssd.conf.5.xml:575 sssd.conf.5.xml:1044
msgid "Default: 15"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:549
+#: sssd.conf.5.xml:580
msgid "filter_users, filter_groups (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:552
+#: sssd.conf.5.xml:583
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -857,41 +909,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:559
+#: sssd.conf.5.xml:590
msgid "Default: root"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:564
+#: sssd.conf.5.xml:595
msgid "filter_users_in_groups (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:598
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:609
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:612
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586
+#: sssd.conf.5.xml:617
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:592
+#: sssd.conf.5.xml:623
#, no-wrap
msgid ""
"fallback_homedir = /home/%u\n"
@@ -899,22 +951,23 @@ msgid ""
msgstr ""
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:590 include/override_homedir.xml:55
+#: sssd.conf.5.xml:621 sssd.conf.5.xml:978 sssd-krb5.5.xml:533
+#: include/override_homedir.xml:55
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596
+#: sssd.conf.5.xml:627
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:633
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:636
msgid ""
"Override the login shell for all users. This option supersedes any other "
"shell options if it takes effect and can be set either in the [nss] section "
@@ -922,49 +975,49 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:611
+#: sssd.conf.5.xml:642
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:617
+#: sssd.conf.5.xml:648
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:620
+#: sssd.conf.5.xml:651
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:654
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:627
+#: sssd.conf.5.xml:658
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:632
+#: sssd.conf.5.xml:663
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:637
+#: sssd.conf.5.xml:668
#, fuzzy
#| msgid "These options can be used to configure any service."
msgid "The wildcard (*) can be used to allow any shell."
msgstr "Deze opties kunnen gebruikt worden om services te configureren."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:640
+#: sssd.conf.5.xml:671
msgid ""
"The (*) is useful if you want to use shell_fallback in case that user's "
"shell is not in <quote>/etc/shells</quote> and maintaining list of all "
@@ -972,103 +1025,103 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:647
+#: sssd.conf.5.xml:678
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:650
+#: sssd.conf.5.xml:681
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:654
+#: sssd.conf.5.xml:685
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:659
+#: sssd.conf.5.xml:690
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:662
+#: sssd.conf.5.xml:693
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:667
+#: sssd.conf.5.xml:698
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:670
+#: sssd.conf.5.xml:701
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:705
msgid "Default: /bin/sh"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:679
+#: sssd.conf.5.xml:710
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:682
+#: sssd.conf.5.xml:713
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option can be specified globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:719
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:695 sssd.conf.5.xml:881
+#: sssd.conf.5.xml:726 sssd.conf.5.xml:912
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:698 sssd.conf.5.xml:884
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:915
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:707
+#: sssd.conf.5.xml:738
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710
+#: sssd.conf.5.xml:741
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:714 sssd-ldap.5.xml:706
+#: sssd.conf.5.xml:745 sssd-ldap.5.xml:706
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:719 sssd-ifp.5.xml:74
+#: sssd.conf.5.xml:750 sssd-ifp.5.xml:74
msgid "user_attributes (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:722
+#: sssd.conf.5.xml:753
msgid ""
"Some of the additional NSS responder requests can return more attributes "
"than just the POSIX ones defined by the NSS interface. The list of "
@@ -1079,72 +1132,72 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:735
+#: sssd.conf.5.xml:766
msgid ""
"To make configuration more easy the NSS responder will check the InfoPipe "
"option if it is not set for the NSS responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:740
+#: sssd.conf.5.xml:771
msgid "Default: not set, fallback to InfoPipe option"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:747
+#: sssd.conf.5.xml:778
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:749
+#: sssd.conf.5.xml:780
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:785
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:757
+#: sssd.conf.5.xml:788
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:762 sssd.conf.5.xml:775
+#: sssd.conf.5.xml:793 sssd.conf.5.xml:806
msgid "Default: 0 (No limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:768
+#: sssd.conf.5.xml:799
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:771
+#: sssd.conf.5.xml:802
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:781
+#: sssd.conf.5.xml:812
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:784
+#: sssd.conf.5.xml:815
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:789
+#: sssd.conf.5.xml:820
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -1152,59 +1205,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:795 sssd.conf.5.xml:848
+#: sssd.conf.5.xml:826 sssd.conf.5.xml:879
msgid "Default: 5"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:832
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:835
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:809
+#: sssd.conf.5.xml:840
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:843
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:815
+#: sssd.conf.5.xml:846
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
+#: sssd.conf.5.xml:850
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:822
+#: sssd.conf.5.xml:853
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:826 sssd.8.xml:63
+#: sssd.conf.5.xml:857 sssd.8.xml:63
msgid "Default: 1"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:831
+#: sssd.conf.5.xml:862
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:865
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1212,7 +1265,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:840
+#: sssd.conf.5.xml:871
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1221,17 +1274,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:854
+#: sssd.conf.5.xml:885
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:857 sssd.conf.5.xml:1390
+#: sssd.conf.5.xml:888 sssd.conf.5.xml:1442
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:860
+#: sssd.conf.5.xml:891
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1239,31 +1292,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:866 sssd.conf.5.xml:1393
+#: sssd.conf.5.xml:897 sssd.conf.5.xml:1445
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:871
+#: sssd.conf.5.xml:902
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876 sssd.8.xml:79
+#: sssd.conf.5.xml:907 sssd.8.xml:79
msgid "Default: 0"
msgstr "Standaard: 0"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:893
+#: sssd.conf.5.xml:924
msgid "pam_trusted_users (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:896
+#: sssd.conf.5.xml:927
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAM responder. User names are resolved to UIDs at "
@@ -1271,59 +1324,75 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:902
+#: sssd.conf.5.xml:933
msgid "Default: all (All users are allowed to access the PAM responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:906
+#: sssd.conf.5.xml:937
msgid ""
"Please note that UID 0 is always allowed to access the PAM responder even in "
"case it is not in the pam_trusted_users list."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:913
+#: sssd.conf.5.xml:944
msgid "pam_public_domains (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:947
msgid ""
"Specifies the comma-separated list of domain names that are accessible even "
"to untrusted users."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:920
+#: sssd.conf.5.xml:951
msgid "Two special values for pam_public_domains option are defined:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:955
msgid ""
"all (Untrusted users are allowed to access all domains in PAM responder.)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:959
msgid ""
"none (Untrusted users are not allowed to access any domains PAM in "
"responder.)"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:932 sssd.conf.5.xml:1192 sssd-ldap.5.xml:1753
-msgid "Default: none"
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:968
+msgid "pam_account_expired_message (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:971
+msgid ""
+"If user is authenticating using SSH keys and account is expired then by "
+"default 'Permission denied' is output. This output will be changed to "
+"content of this variable if it is set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:980
+#, no-wrap
+msgid ""
+"pam_account_expired_message = Account expired, please call help desk.\n"
+" "
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:941
+#: sssd.conf.5.xml:993
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:943
+#: sssd.conf.5.xml:995
msgid ""
"These options can be used to configure the sudo service. The detailed "
"instructions for configuration of <citerefentry> <refentrytitle>sudo</"
@@ -1334,34 +1403,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:1012
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:1015
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1028
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:978
+#: sssd.conf.5.xml:1030
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1034
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:985
+#: sssd.conf.5.xml:1037
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1369,51 +1438,51 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1001
+#: sssd.conf.5.xml:1053
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1003
+#: sssd.conf.5.xml:1055
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1007
+#: sssd.conf.5.xml:1059
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1010
+#: sssd.conf.5.xml:1062
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1019
+#: sssd.conf.5.xml:1071
msgid "ssh_known_hosts_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1022
+#: sssd.conf.5.xml:1074
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1026
+#: sssd.conf.5.xml:1078
msgid "Default: 180"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1086
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1036
+#: sssd.conf.5.xml:1088
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1425,7 +1494,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1045
+#: sssd.conf.5.xml:1097
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"determined with the help of the SID, trusted domains will have UPGs and the "
@@ -1436,24 +1505,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1053
+#: sssd.conf.5.xml:1105
msgid ""
"If there are SIDs of groups from domains sssd knows about, the user will be "
"added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1111
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1063 sssd-ifp.5.xml:50
+#: sssd.conf.5.xml:1115 sssd-ifp.5.xml:50
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1066
+#: sssd.conf.5.xml:1118
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1461,12 +1530,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1072
+#: sssd.conf.5.xml:1124
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1076
+#: sssd.conf.5.xml:1128
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1475,24 +1544,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1142
msgid "DOMAIN SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1149
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1100
+#: sssd.conf.5.xml:1152
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:1157
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1501,47 +1570,47 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1112
+#: sssd.conf.5.xml:1164
msgid ""
"These ID limits affect even saving entries to cache, not only returning them "
"by name or ID."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1116
+#: sssd.conf.5.xml:1168
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1122
+#: sssd.conf.5.xml:1174
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1125
+#: sssd.conf.5.xml:1177
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1181
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1132
+#: sssd.conf.5.xml:1184
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1135 sssd.conf.5.xml:1367 sssd.conf.5.xml:1476
-#: sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1187 sssd.conf.5.xml:1419 sssd.conf.5.xml:1528
+#: sssd.conf.5.xml:1545
msgid "Default: FALSE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138
+#: sssd.conf.5.xml:1190
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1553,14 +1622,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1151
+#: sssd.conf.5.xml:1203
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1156
+#: sssd.conf.5.xml:1208
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1569,39 +1638,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1164
+#: sssd.conf.5.xml:1216
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1172
+#: sssd.conf.5.xml:1224
msgid "subdomain_enumerate (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1179
+#: sssd.conf.5.xml:1231
msgid "all"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1180
+#: sssd.conf.5.xml:1232
msgid "All discovered trusted domains will be enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1183
+#: sssd.conf.5.xml:1235
msgid "none"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:1236
msgid "No discovered trusted domains will be enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1175
+#: sssd.conf.5.xml:1227
msgid ""
"Whether any of autodetected trusted domains should be enumerated. The "
"supported values are: <placeholder type=\"variablelist\" id=\"0\"/> "
@@ -1610,19 +1679,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1215
+#: sssd.conf.5.xml:1267
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1218
+#: sssd.conf.5.xml:1270
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1222
+#: sssd.conf.5.xml:1274
msgid ""
"The cache expiration timestamps are stored as attributes of individual "
"objects in the cache. Therefore, changing the cache timeout only has effect "
@@ -1633,150 +1702,151 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1235
+#: sssd.conf.5.xml:1287
msgid "Default: 5400"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1241
+#: sssd.conf.5.xml:1293
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1244
+#: sssd.conf.5.xml:1296
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248 sssd.conf.5.xml:1261 sssd.conf.5.xml:1274
-#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1300 sssd.conf.5.xml:1314
-#: sssd.conf.5.xml:1328
+#: sssd.conf.5.xml:1300 sssd.conf.5.xml:1313 sssd.conf.5.xml:1326
+#: sssd.conf.5.xml:1339 sssd.conf.5.xml:1352 sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1380
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1306
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1257
+#: sssd.conf.5.xml:1309
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1267
+#: sssd.conf.5.xml:1319
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1270
+#: sssd.conf.5.xml:1322
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1280
+#: sssd.conf.5.xml:1332
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1335
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1345
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1348
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1358
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1309
+#: sssd.conf.5.xml:1361
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1320
+#: sssd.conf.5.xml:1372
msgid "entry_cache_ssh_host_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1375
msgid ""
"How many seconds to keep a host ssh key after refresh. IE how long to cache "
"the host key for."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1334
+#: sssd.conf.5.xml:1386
msgid "refresh_expired_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1337
+#: sssd.conf.5.xml:1389
msgid ""
"Specifies how many seconds SSSD has to wait before triggering a background "
"refresh task which will refresh all expired or nearly expired records."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1342
-msgid "Currently only refreshing expired netgroups is supported."
+#: sssd.conf.5.xml:1394
+msgid ""
+"The background refresh will process users, groups and netgroups in the cache."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1398
msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350 sssd-ipa.5.xml:224
+#: sssd.conf.5.xml:1402 sssd-ipa.5.xml:224
msgid "Default: 0 (disabled)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1356
+#: sssd.conf.5.xml:1408
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1411
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1363
+#: sssd.conf.5.xml:1415
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1372
+#: sssd.conf.5.xml:1424
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1427
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1785,17 +1855,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1382
+#: sssd.conf.5.xml:1434
msgid "Default: 0 (unlimited)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1387
+#: sssd.conf.5.xml:1439
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1398
+#: sssd.conf.5.xml:1450
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1804,33 +1874,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1405
+#: sssd.conf.5.xml:1457
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1411
+#: sssd.conf.5.xml:1463
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1414
+#: sssd.conf.5.xml:1466
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1418
+#: sssd.conf.5.xml:1470
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1421 sssd.conf.5.xml:1539
+#: sssd.conf.5.xml:1473 sssd.conf.5.xml:1591
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1425
+#: sssd.conf.5.xml:1477
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1838,8 +1908,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433 sssd.conf.5.xml:1519 sssd.conf.5.xml:1574
-#: sssd.conf.5.xml:1627
+#: sssd.conf.5.xml:1485 sssd.conf.5.xml:1571 sssd.conf.5.xml:1626
+#: sssd.conf.5.xml:1679
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1848,8 +1918,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1442 sssd.conf.5.xml:1528 sssd.conf.5.xml:1583
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1494 sssd.conf.5.xml:1580 sssd.conf.5.xml:1635
+#: sssd.conf.5.xml:1688
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1857,19 +1927,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1505
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1508
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1461
+#: sssd.conf.5.xml:1513
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1878,7 +1948,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1521
msgid ""
"NOTE: This option has no effect on netgroup lookups due to their tendency to "
"include nested netgroups without qualified names. For netgroups, all domains "
@@ -1886,17 +1956,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1533
msgid "ignore_group_members (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1536
msgid "Do not return group members for group lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1487
+#: sssd.conf.5.xml:1539
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1904,19 +1974,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1550
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1501
+#: sssd.conf.5.xml:1553
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505 sssd.conf.5.xml:1567
+#: sssd.conf.5.xml:1557 sssd.conf.5.xml:1619
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1924,7 +1994,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1512
+#: sssd.conf.5.xml:1564
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1932,30 +2002,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1588
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1595
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1546
+#: sssd.conf.5.xml:1598
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1604
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1607
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1963,19 +2033,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1613
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1616
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1591
+#: sssd.conf.5.xml:1643
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1984,24 +2054,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1650
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1603
+#: sssd.conf.5.xml:1655
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1606
+#: sssd.conf.5.xml:1658
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1611
+#: sssd.conf.5.xml:1663
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -2009,7 +2079,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1671
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2017,35 +2087,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1696
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1700
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1651
+#: sssd.conf.5.xml:1703
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1710
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1661
+#: sssd.conf.5.xml:1713
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1665
+#: sssd.conf.5.xml:1717
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2053,32 +2123,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1725
msgid ""
"<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default "
"settings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1729
msgid ""
"<quote>ad</quote> the same as <quote>ldap</quote> but with AD default "
"settings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1681
+#: sssd.conf.5.xml:1733
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1684 sssd.conf.5.xml:1762 sssd.conf.5.xml:1794
-#: sssd.conf.5.xml:1819
+#: sssd.conf.5.xml:1736 sssd.conf.5.xml:1814 sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1871
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1688
+#: sssd.conf.5.xml:1740
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -2089,12 +2159,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1757
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1760
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -2102,7 +2172,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1714
+#: sssd.conf.5.xml:1766
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2110,31 +2180,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1722
+#: sssd.conf.5.xml:1774
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1725
+#: sssd.conf.5.xml:1777
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1731
+#: sssd.conf.5.xml:1783
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1734
+#: sssd.conf.5.xml:1786
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740
+#: sssd.conf.5.xml:1792
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2142,7 +2212,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1749
+#: sssd.conf.5.xml:1801
msgid ""
"<quote>ad</quote> to load a list of subdomains from an Active Directory "
"server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> "
@@ -2151,23 +2221,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1810
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1769
+#: sssd.conf.5.xml:1821
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1772
+#: sssd.conf.5.xml:1824
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1828
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2175,7 +2245,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1783
+#: sssd.conf.5.xml:1835
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2183,24 +2253,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1843
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1853
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1804
+#: sssd.conf.5.xml:1856
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1808
+#: sssd.conf.5.xml:1860
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2208,12 +2278,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1816
+#: sssd.conf.5.xml:1868
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1829
+#: sssd.conf.5.xml:1881
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components. The \"domain\" can "
@@ -2223,7 +2293,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1838
+#: sssd.conf.5.xml:1890
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -2232,29 +2302,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1843
+#: sssd.conf.5.xml:1895
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1898
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1849
+#: sssd.conf.5.xml:1901
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1852
+#: sssd.conf.5.xml:1904
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1857
+#: sssd.conf.5.xml:1909
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -2265,7 +2335,7 @@ msgstr ""
"het domein alles daarna\""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1863
+#: sssd.conf.5.xml:1915
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -2273,7 +2343,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1870
+#: sssd.conf.5.xml:1922
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
@@ -2282,59 +2352,59 @@ msgstr ""
"(?P&lt;name&gt;) om subpatronen aan te geven."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1917
+#: sssd.conf.5.xml:1969
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "Standaard: <quote>%1$s@%2$s</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1923
+#: sssd.conf.5.xml:1975
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1926
+#: sssd.conf.5.xml:1978
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1930
+#: sssd.conf.5.xml:1982
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1933
+#: sssd.conf.5.xml:1985
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1936
+#: sssd.conf.5.xml:1988
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1939
+#: sssd.conf.5.xml:1991
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1942
+#: sssd.conf.5.xml:1994
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1945
+#: sssd.conf.5.xml:1997
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1951
+#: sssd.conf.5.xml:2003
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1954
+#: sssd.conf.5.xml:2006
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -2342,70 +2412,70 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1960 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
-#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:239
+#: sssd.conf.5.xml:2012 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
+#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:248
msgid "Default: 6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1966
+#: sssd.conf.5.xml:2018
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1969
+#: sssd.conf.5.xml:2021
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1973
+#: sssd.conf.5.xml:2025
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1979
+#: sssd.conf.5.xml:2031
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1982
+#: sssd.conf.5.xml:2034
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1988
+#: sssd.conf.5.xml:2040
msgid "case_sensitive (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1996
+#: sssd.conf.5.xml:2048
msgid "True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1999
+#: sssd.conf.5.xml:2051
msgid "Case sensitive. This value is invalid for AD provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2005
+#: sssd.conf.5.xml:2057
msgid "False"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2007
+#: sssd.conf.5.xml:2059
msgid "Case insensitive."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2011
+#: sssd.conf.5.xml:2063
msgid "Preserving"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2014
+#: sssd.conf.5.xml:2066
msgid ""
"Same as False (case insensitive), but does not lowercase names in the result "
"of NSS operations. Note that name aliases (and in case of services also "
@@ -2413,7 +2483,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1991
+#: sssd.conf.5.xml:2043
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider. Possible option values are: "
@@ -2421,17 +2491,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2026
+#: sssd.conf.5.xml:2078
msgid "Default: True (False for AD provider)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2032
+#: sssd.conf.5.xml:2084
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2035
+#: sssd.conf.5.xml:2087
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2440,22 +2510,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2049
+#: sssd.conf.5.xml:2101
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2060
+#: sssd.conf.5.xml:2112
msgid "%F"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2061
+#: sssd.conf.5.xml:2113
msgid "flat (NetBIOS) name of a subdomain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2052
+#: sssd.conf.5.xml:2104
msgid ""
"Use this homedir as default value for all subdomains within this domain in "
"IPA AD trust. See <emphasis>override_homedir</emphasis> for info about "
@@ -2465,29 +2535,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2066
+#: sssd.conf.5.xml:2118
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2070
+#: sssd.conf.5.xml:2122
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2075
+#: sssd.conf.5.xml:2127
msgid "realmd_tags (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2078
+#: sssd.conf.5.xml:2130
msgid ""
"Various tags stored by the realmd configuration service for this domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1092
+#: sssd.conf.5.xml:1144
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2495,29 +2565,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2091
+#: sssd.conf.5.xml:2143
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2094
+#: sssd.conf.5.xml:2146
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2097
+#: sssd.conf.5.xml:2149
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2105
+#: sssd.conf.5.xml:2157
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2108
+#: sssd.conf.5.xml:2160
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2525,19 +2595,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2087
+#: sssd.conf.5.xml:2139
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:2120
+#: sssd.conf.5.xml:2172
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:2122
+#: sssd.conf.5.xml:2174
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2545,73 +2615,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2129
+#: sssd.conf.5.xml:2181
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2132
+#: sssd.conf.5.xml:2184
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2136
+#: sssd.conf.5.xml:2188
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2141
+#: sssd.conf.5.xml:2193
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2144
+#: sssd.conf.5.xml:2196
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2149
+#: sssd.conf.5.xml:2201
msgid "Default: <filename>/home</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2154
+#: sssd.conf.5.xml:2206
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2157
+#: sssd.conf.5.xml:2209
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2173
+#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2225
msgid "Default: TRUE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2166
+#: sssd.conf.5.xml:2218
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2169
+#: sssd.conf.5.xml:2221
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2178
+#: sssd.conf.5.xml:2230
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2181
+#: sssd.conf.5.xml:2233
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2619,17 +2689,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2189
+#: sssd.conf.5.xml:2241
msgid "Default: 077"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2194
+#: sssd.conf.5.xml:2246
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2197
+#: sssd.conf.5.xml:2249
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2638,17 +2708,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2207
+#: sssd.conf.5.xml:2259
msgid "Default: <filename>/etc/skel</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2212
+#: sssd.conf.5.xml:2264
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2215
+#: sssd.conf.5.xml:2267
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2656,17 +2726,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2222
+#: sssd.conf.5.xml:2274
msgid "Default: <filename>/var/mail</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2227
+#: sssd.conf.5.xml:2279
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2230
+#: sssd.conf.5.xml:2282
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2674,19 +2744,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2236
+#: sssd.conf.5.xml:2288
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:2246 sssd-ldap.5.xml:2518 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:519
+#: sssd.conf.5.xml:2298 sssd-ldap.5.xml:2569 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:564
#: sss_rpcidmapd.5.xml:98
msgid "EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:2252
+#: sssd.conf.5.xml:2304
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2716,7 +2786,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2248
+#: sssd.conf.5.xml:2300
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -3555,7 +3625,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:738 sssd-ldap.5.xml:831 sssd-ldap.5.xml:1058
-#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2102 sssd-ldap.5.xml:2441
+#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2153 sssd-ldap.5.xml:2492
#: sssd-ipa.5.xml:591
msgid "Default: cn"
msgstr ""
@@ -3836,11 +3906,6 @@ msgid ""
"dealing with complex or deep nested groups)."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1017
-msgid "ldap_use_tokengroups"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1020
msgid ""
@@ -4075,7 +4140,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2259
+#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2310
msgid "Default: 900 (15 minutes)"
msgstr ""
@@ -4526,7 +4591,7 @@ msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:453
+#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:462
msgid "krb5_canonicalize (boolean)"
msgstr ""
@@ -4538,12 +4603,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:468
+#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:477
msgid "krb5_use_kdcinfo (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:471
+#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:480
msgid ""
"Specifies if the SSSD should instruct the Kerberos libraries what realm and "
"which KDCs to use. This option is on by default, if you disable it, you need "
@@ -4553,7 +4618,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:482
+#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:491
msgid ""
"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
@@ -4821,40 +4886,93 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1958
+msgid ""
+"<emphasis> Please note that this option is superseded by the <quote>ppolicy</"
+"quote> option and might be removed in a future release. </emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1965
+msgid ""
+"<emphasis>ppolicy</emphasis>: use account locking. If set, this option "
+"denies access in case that ldap attribute 'pwdAccountLockedTime' is present "
+"and has value of '000001010000Z' or represents any time in the past. The "
+"value of the 'pwdAccountLockedTime' attribute must end with 'Z', which "
+"denotes the UTC time zone. Other time zones are not currently supported and "
+"will result in \"access-denied\" when users attempt to log in. Please see "
+"the option ldap_pwdlockout_dn. Please note that 'access_provider = ldap' "
+"must be set for this feature to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1982
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1962
+#: sssd-ldap.5.xml:1986
+msgid ""
+"<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, "
+"pwd_expire_policy_renew: </emphasis> These options are useful if users are "
+"interested in being warned that password is about to expire and "
+"authentication is based on using a different method than passwords - for "
+"example SSH keys."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1996
+msgid ""
+"The difference between these options is the action taken if user password is "
+"expired: pwd_expire_policy_reject - user is denied to log in, "
+"pwd_expire_policy_warn - user is still able to log in, "
+"pwd_expire_policy_renew - user is prompted to change his password "
+"immediately."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2004
+msgid ""
+"Note If user password is expired no explicit message is prompted by SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2008
+msgid ""
+"Please note that 'access_provider = ldap' must be set for this feature to "
+"work. Also 'ldap_pwd_policy' must be set to an appropriate password policy."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2013
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2018
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1971
+#: sssd-ldap.5.xml:2022
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1974
+#: sssd-ldap.5.xml:2025
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1981
+#: sssd-ldap.5.xml:2032
msgid "ldap_pwdlockout_dn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2035
msgid ""
"This option specifies the DN of password policy entry on LDAP server. Please "
"note that absence of this option in sssd.conf in case of enabled account "
@@ -4863,74 +4981,74 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1992
+#: sssd-ldap.5.xml:2043
msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1995
+#: sssd-ldap.5.xml:2046
msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2001
+#: sssd-ldap.5.xml:2052
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2004
+#: sssd-ldap.5.xml:2055
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2009
+#: sssd-ldap.5.xml:2060
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013
+#: sssd-ldap.5.xml:2064
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018
+#: sssd-ldap.5.xml:2069
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2023
+#: sssd-ldap.5.xml:2074
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2028
+#: sssd-ldap.5.xml:2079
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2036
+#: sssd-ldap.5.xml:2087
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2039
+#: sssd-ldap.5.xml:2090
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2094
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -4941,7 +5059,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2054
+#: sssd-ldap.5.xml:2105
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -4959,12 +5077,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2070
+#: sssd-ldap.5.xml:2121
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2123
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -4972,208 +5090,208 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2083
+#: sssd-ldap.5.xml:2134
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2086
+#: sssd-ldap.5.xml:2137
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2089
+#: sssd-ldap.5.xml:2140
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2095
+#: sssd-ldap.5.xml:2146
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2098
+#: sssd-ldap.5.xml:2149
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2108
+#: sssd-ldap.5.xml:2159
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2111
+#: sssd-ldap.5.xml:2162
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2166
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2172
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2124
+#: sssd-ldap.5.xml:2175
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2129
+#: sssd-ldap.5.xml:2180
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2186
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2138
+#: sssd-ldap.5.xml:2189
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2193
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2148
+#: sssd-ldap.5.xml:2199
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2202
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2155
+#: sssd-ldap.5.xml:2206
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2161
+#: sssd-ldap.5.xml:2212
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2215
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2168
+#: sssd-ldap.5.xml:2219
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2174
+#: sssd-ldap.5.xml:2225
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2228
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2181
+#: sssd-ldap.5.xml:2232
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2187
+#: sssd-ldap.5.xml:2238
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2241
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194
+#: sssd-ldap.5.xml:2245
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2200
+#: sssd-ldap.5.xml:2251
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2203
+#: sssd-ldap.5.xml:2254
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2259
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2214
+#: sssd-ldap.5.xml:2265
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2217
+#: sssd-ldap.5.xml:2268
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2221
+#: sssd-ldap.5.xml:2272
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2227
+#: sssd-ldap.5.xml:2278
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2230
+#: sssd-ldap.5.xml:2281
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2235
+#: sssd-ldap.5.xml:2286
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2240
+#: sssd-ldap.5.xml:2291
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2246
+#: sssd-ldap.5.xml:2297
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2249
+#: sssd-ldap.5.xml:2300
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -5181,101 +5299,101 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2255
+#: sssd-ldap.5.xml:2306
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2265
+#: sssd-ldap.5.xml:2316
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2268
+#: sssd-ldap.5.xml:2319
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2279
+#: sssd-ldap.5.xml:2330
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2333
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2287
+#: sssd-ldap.5.xml:2338
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2292 sssd-ldap.5.xml:2315 sssd-ldap.5.xml:2333
-#: sssd-ldap.5.xml:2351
+#: sssd-ldap.5.xml:2343 sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2402
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2320
+#: sssd-ldap.5.xml:2348 sssd-ldap.5.xml:2371
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2303
+#: sssd-ldap.5.xml:2354
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2306
+#: sssd-ldap.5.xml:2357
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2311
+#: sssd-ldap.5.xml:2362
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2326
+#: sssd-ldap.5.xml:2377
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2329
+#: sssd-ldap.5.xml:2380
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2344
+#: sssd-ldap.5.xml:2395
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2347
+#: sssd-ldap.5.xml:2398
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2363
+#: sssd-ldap.5.xml:2414
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -5284,91 +5402,91 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2373
+#: sssd-ldap.5.xml:2424
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2375
+#: sssd-ldap.5.xml:2426
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2381
+#: sssd-ldap.5.xml:2432
msgid "ldap_autofs_map_master_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2435
msgid "The name of the automount master map in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2387
+#: sssd-ldap.5.xml:2438
msgid "Default: auto.master"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2394
+#: sssd-ldap.5.xml:2445
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2397 sssd-ldap.5.xml:2423
+#: sssd-ldap.5.xml:2448 sssd-ldap.5.xml:2474
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2400 sssd-ldap.5.xml:2427
+#: sssd-ldap.5.xml:2451 sssd-ldap.5.xml:2478
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2407
+#: sssd-ldap.5.xml:2458
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2410
+#: sssd-ldap.5.xml:2461
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2413
+#: sssd-ldap.5.xml:2464
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2420
+#: sssd-ldap.5.xml:2471
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2434
+#: sssd-ldap.5.xml:2485
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2437 sssd-ldap.5.xml:2451
+#: sssd-ldap.5.xml:2488 sssd-ldap.5.xml:2502
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2448
+#: sssd-ldap.5.xml:2499
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2455
+#: sssd-ldap.5.xml:2506
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2379
+#: sssd-ldap.5.xml:2430
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -5377,32 +5495,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2465
+#: sssd-ldap.5.xml:2516
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2472
+#: sssd-ldap.5.xml:2523
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2477
+#: sssd-ldap.5.xml:2528
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2482
+#: sssd-ldap.5.xml:2533
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note>
-#: sssd-ldap.5.xml:2487
+#: sssd-ldap.5.xml:2538
msgid "<note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para>
-#: sssd-ldap.5.xml:2489
+#: sssd-ldap.5.xml:2540
msgid ""
"If the option <quote>ldap_use_tokengroups</quote> is enabled. The searches "
"against Active Directory will not be restricted and return all groups "
@@ -5411,22 +5529,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist>
-#: sssd-ldap.5.xml:2496
+#: sssd-ldap.5.xml:2547
msgid "</note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2498
+#: sssd-ldap.5.xml:2549
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2503
+#: sssd-ldap.5.xml:2554
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2467
+#: sssd-ldap.5.xml:2518
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -5435,7 +5553,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2520
+#: sssd-ldap.5.xml:2571
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -5443,7 +5561,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2526
+#: sssd-ldap.5.xml:2577
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5456,26 +5574,26 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2525 sssd-ldap.5.xml:2543 sssd-simple.5.xml:139
+#: sssd-ldap.5.xml:2576 sssd-ldap.5.xml:2594 sssd-simple.5.xml:139
#: sssd-ipa.5.xml:726 sssd-ad.5.xml:851 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98
-#: sssd-krb5.5.xml:528 include/ldap_id_mapping.xml:105
+#: sssd-krb5.5.xml:573 include/ldap_id_mapping.xml:105
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2537
+#: sssd-ldap.5.xml:2588
msgid "LDAP ACCESS FILTER EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2539
+#: sssd-ldap.5.xml:2590
msgid ""
"The following example assumes that SSSD is correctly configured and to use "
"the ldap_access_order=lockout."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2544
+#: sssd-ldap.5.xml:2595
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5491,13 +5609,13 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2559 sssd_krb5_locator_plugin.8.xml:61
+#: sssd-ldap.5.xml:2610 sssd_krb5_locator_plugin.8.xml:61
#: sssd-simple.5.xml:148 sssd-ad.5.xml:866 sssd.8.xml:195 sss_seed.8.xml:163
msgid "NOTES"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2561
+#: sssd-ldap.5.xml:2612
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -6257,7 +6375,7 @@ msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:245
+#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:254
msgid "krb5_validate (boolean)"
msgstr ""
@@ -6298,12 +6416,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:407
+#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:416
msgid "krb5_use_fast (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:410
+#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:419
msgid ""
"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
"authentication. The following options are supported:"
@@ -6323,7 +6441,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:424
+#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:433
msgid ""
"<emphasis>demand</emphasis> to use FAST. The authentication fails if the "
"server does not require fast."
@@ -6335,7 +6453,7 @@ msgid "Default: try"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:435
+#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:444
msgid ""
"NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If "
"SSSD is used with an older version of MIT Kerberos, using this option is a "
@@ -7421,12 +7539,12 @@ msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:797 sssd-krb5.5.xml:496
+#: sssd-ad.5.xml:797 sssd-krb5.5.xml:505
msgid "krb5_use_enterprise_principal (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:800 sssd-krb5.5.xml:499
+#: sssd-ad.5.xml:800 sssd-krb5.5.xml:508
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
@@ -8369,16 +8487,24 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:225
+msgid ""
+"NOTE: Please be aware that libkrb5 ccache expansion template from "
+"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> uses different expansion sequences than SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:234
msgid "Default: (from libkrb5)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:231
+#: sssd-krb5.5.xml:240
msgid "krb5_auth_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:234
+#: sssd-krb5.5.xml:243
msgid ""
"Timeout in seconds after an online authentication request or change password "
"request is aborted. If possible, the authentication request is continued "
@@ -8386,7 +8512,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:248
+#: sssd-krb5.5.xml:257
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed. The keytab is checked for entries sequentially, and the first entry "
@@ -8397,36 +8523,36 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:263
+#: sssd-krb5.5.xml:272
msgid "krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:275
msgid ""
"The location of the keytab to use when validating credentials obtained from "
"KDCs."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:270
+#: sssd-krb5.5.xml:279
msgid "Default: /etc/krb5.keytab"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:276
+#: sssd-krb5.5.xml:285
msgid "krb5_store_password_if_offline (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:279
+#: sssd-krb5.5.xml:288
msgid ""
"Store the password of the user if the provider is offline and use it to "
"request a TGT when the provider comes online again."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:284
+#: sssd-krb5.5.xml:293
msgid ""
"NOTE: this feature is only available on Linux. Passwords stored in this way "
"are kept in plaintext in the kernel keyring and are potentially accessible "
@@ -8434,91 +8560,91 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:297
+#: sssd-krb5.5.xml:306
msgid "krb5_renewable_lifetime (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:300
+#: sssd-krb5.5.xml:309
msgid ""
"Request a renewable ticket with a total lifetime, given as an integer "
"immediately followed by a time unit:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:305 sssd-krb5.5.xml:339 sssd-krb5.5.xml:376
+#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
msgid "<emphasis>s</emphasis> for seconds"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:308 sssd-krb5.5.xml:342 sssd-krb5.5.xml:379
+#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:351 sssd-krb5.5.xml:388
msgid "<emphasis>m</emphasis> for minutes"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:311 sssd-krb5.5.xml:345 sssd-krb5.5.xml:382
+#: sssd-krb5.5.xml:320 sssd-krb5.5.xml:354 sssd-krb5.5.xml:391
msgid "<emphasis>h</emphasis> for hours"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
+#: sssd-krb5.5.xml:323 sssd-krb5.5.xml:357 sssd-krb5.5.xml:394
msgid "<emphasis>d</emphasis> for days."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:388
+#: sssd-krb5.5.xml:326 sssd-krb5.5.xml:397
msgid "If there is no unit given, <emphasis>s</emphasis> is assumed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:321 sssd-krb5.5.xml:392
+#: sssd-krb5.5.xml:330 sssd-krb5.5.xml:401
msgid ""
"NOTE: It is not possible to mix units. To set the renewable lifetime to one "
"and a half hours, use '90m' instead of '1h30m'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:326
+#: sssd-krb5.5.xml:335
msgid "Default: not set, i.e. the TGT is not renewable"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:332
+#: sssd-krb5.5.xml:341
msgid "krb5_lifetime (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:335
+#: sssd-krb5.5.xml:344
msgid ""
"Request ticket with a lifetime, given as an integer immediately followed by "
"a time unit:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:351
+#: sssd-krb5.5.xml:360
msgid "If there is no unit given <emphasis>s</emphasis> is assumed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:355
+#: sssd-krb5.5.xml:364
msgid ""
"NOTE: It is not possible to mix units. To set the lifetime to one and a "
"half hours please use '90m' instead of '1h30m'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:360
+#: sssd-krb5.5.xml:369
msgid ""
"Default: not set, i.e. the default ticket lifetime configured on the KDC."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:367
+#: sssd-krb5.5.xml:376
msgid "krb5_renew_interval (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:370
+#: sssd-krb5.5.xml:379
msgid ""
"The time in seconds between two checks if the TGT should be renewed. TGTs "
"are renewed if about half of their lifetime is exceeded, given as an integer "
@@ -8526,56 +8652,89 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:397
+#: sssd-krb5.5.xml:406
msgid "If this option is not set or is 0 the automatic renewal is disabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:415
+#: sssd-krb5.5.xml:424
msgid ""
"<emphasis>never</emphasis> use FAST. This is equivalent to not setting this "
"option at all."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:419
+#: sssd-krb5.5.xml:428
msgid ""
"<emphasis>try</emphasis> to use FAST. If the server does not support FAST, "
"continue the authentication without it."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:429
+#: sssd-krb5.5.xml:438
msgid "Default: not set, i.e. FAST is not used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:432
+#: sssd-krb5.5.xml:441
msgid "NOTE: a keytab is required to use FAST."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:444
+#: sssd-krb5.5.xml:453
msgid "krb5_fast_principal (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:447
+#: sssd-krb5.5.xml:456
msgid "Specifies the server principal to use for FAST."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:456
+#: sssd-krb5.5.xml:465
msgid ""
"Specifies if the host and user principal should be canonicalized. This "
"feature is available with MIT Kerberos 1.7 and later versions."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:505
+#: sssd-krb5.5.xml:514
msgid "Default: false (AD provider: true)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:520
+msgid "krb5_map_user (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:523
+msgid ""
+"The list of mappings is given as a comma-separated list of pairs "
+"<quote>username:primary</quote> where <quote>username</quote> is a UNIX user "
+"name and <quote>primary</quote> is a user part of a kerberos principal. This "
+"mapping is used when user is authenticating using <quote>auth_provider = "
+"krb5</quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-krb5.5.xml:535
+#, no-wrap
+msgid ""
+"krb5_realm = REALM\n"
+"krb5_map_user = joe:juser,dick:richard\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:540
+msgid ""
+"<quote>joe</quote> and <quote>dick</quote> are UNIX user names and "
+"<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos "
+"principals. For user <quote>joe</quote> resp. <quote>dick</quote> SSSD will "
+"try to kinit as <quote>juser@REALM</quote> resp. <quote>richard@REALM</"
+"quote>."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:65
msgid ""
@@ -8587,7 +8746,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:521
+#: sssd-krb5.5.xml:566
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -8596,7 +8755,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:529
+#: sssd-krb5.5.xml:574
#, no-wrap
msgid ""
" [domain/FOO]\n"
diff --git a/src/man/po/pt.po b/src/man/po/pt.po
index 15534e18d..95231d83f 100644
--- a/src/man/po/pt.po
+++ b/src/man/po/pt.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sssd-docs 1.12.2\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2015-02-18 16:52+0100\n"
+"POT-Creation-Date: 2015-06-12 10:36+0200\n"
"PO-Revision-Date: 2014-06-04 02:04-0400\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Portuguese (http://www.transifex.com/projects/p/sssd/language/"
@@ -18,7 +18,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#. type: Content of: <reference><title>
#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5
@@ -249,11 +249,11 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:81 sssd.conf.5.xml:571 sssd.conf.5.xml:1014
+#: sssd.conf.5.xml:81 sssd.conf.5.xml:602 sssd.conf.5.xml:1066
#: sssd-ldap.5.xml:1625 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1784
-#: sssd-ldap.5.xml:2273 sssd-ldap.5.xml:2338 sssd-ldap.5.xml:2356
+#: sssd-ldap.5.xml:2324 sssd-ldap.5.xml:2389 sssd-ldap.5.xml:2407
#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:413 sssd-ad.5.xml:166 sssd-ad.5.xml:264
-#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:490
+#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:499
msgid "Default: true"
msgstr ""
@@ -270,16 +270,16 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:94 sssd.conf.5.xml:968 sssd.conf.5.xml:2043
+#: sssd.conf.5.xml:94 sssd.conf.5.xml:1020 sssd.conf.5.xml:2095
#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1499 sssd-ldap.5.xml:1518
-#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2060 sssd-ipa.5.xml:139
-#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:257
-#: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462
+#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2111 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471
msgid "Default: false"
msgstr "Padrão: false"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2081
+#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2132
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
@@ -316,7 +316,7 @@ msgid "The [sssd] section"
msgstr "A seção [SSSD]"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:137 sssd.conf.5.xml:2127
+#: sssd.conf.5.xml:137 sssd.conf.5.xml:2179
msgid "Section parameters"
msgstr "Parâmetros de secção"
@@ -391,7 +391,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:193 sssd.conf.5.xml:1826
+#: sssd.conf.5.xml:193 sssd.conf.5.xml:1878
msgid "re_expression (string)"
msgstr "re_expression (string)"
@@ -411,12 +411,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:210 sssd.conf.5.xml:1877
+#: sssd.conf.5.xml:210 sssd.conf.5.xml:1929
msgid "full_name_format (string)"
msgstr "full_name_format (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:213 sssd.conf.5.xml:1880
+#: sssd.conf.5.xml:213 sssd.conf.5.xml:1932
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to compose a "
@@ -424,39 +424,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:224 sssd.conf.5.xml:1891
+#: sssd.conf.5.xml:224 sssd.conf.5.xml:1943
msgid "%1$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225 sssd.conf.5.xml:1892
+#: sssd.conf.5.xml:225 sssd.conf.5.xml:1944
msgid "user name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:228 sssd.conf.5.xml:1895
+#: sssd.conf.5.xml:228 sssd.conf.5.xml:1947
msgid "%2$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:231 sssd.conf.5.xml:1898
+#: sssd.conf.5.xml:231 sssd.conf.5.xml:1950
msgid "domain name as specified in the SSSD config file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:237 sssd.conf.5.xml:1904
+#: sssd.conf.5.xml:237 sssd.conf.5.xml:1956
msgid "%3$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:240 sssd.conf.5.xml:1907
+#: sssd.conf.5.xml:240 sssd.conf.5.xml:1959
msgid ""
"domain flat name. Mostly usable for Active Directory domains, both directly "
"configured or discovered via IPA trusts."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221 sssd.conf.5.xml:1888
+#: sssd.conf.5.xml:221 sssd.conf.5.xml:1940
msgid ""
"The following expansions are supported: <placeholder type=\"variablelist\" "
"id=\"0\"/>"
@@ -575,8 +575,8 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:336 sssd-ldap.5.xml:663 sssd-ldap.5.xml:1458
#: sssd-ldap.5.xml:1470 sssd-ldap.5.xml:1552 sssd-ad.5.xml:557
-#: sssd-ad.5.xml:627 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203
-#: include/ldap_id_mapping.xml:214
+#: sssd-ad.5.xml:627 sssd-krb5.5.xml:410 sssd-krb5.5.xml:550
+#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214
msgid "Default: not set"
msgstr ""
@@ -679,18 +679,18 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:427 sssd.conf.5.xml:443 sssd.conf.5.xml:475
-#: sssd.conf.5.xml:702 sssd.conf.5.xml:888 sssd.conf.5.xml:1209
+#: sssd.conf.5.xml:733 sssd.conf.5.xml:919 sssd.conf.5.xml:1261
#: sssd-ldap.5.xml:1200
msgid "Default: 60"
msgstr "Padrão: 60"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:432 sssd.conf.5.xml:1198
+#: sssd.conf.5.xml:432 sssd.conf.5.xml:1250
msgid "force_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:435 sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:435 sssd.conf.5.xml:1253
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -737,41 +737,101 @@ msgid ""
"will be forced to one hour."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:480
+#, fuzzy
+#| msgid "mail_dir (string)"
+msgid "subdomain_inherit (string)"
+msgstr "mail_dir (string)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:483
+msgid ""
+"Specifies a list of configuration parameters that should be inherited by a "
+"subdomain. Please note that only selected parameters can be inherited. "
+"Currently the following options can be inherited:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:489
+msgid "ignore_group_members"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:492
+#, fuzzy
+#| msgid "ldap_search_timeout (integer)"
+msgid "ldap_purge_cache_timeout"
+msgstr "ldap_search_timeout (integer)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:495 sssd-ldap.5.xml:1017
+msgid "ldap_use_tokengroups"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:498
+#, fuzzy
+#| msgid "ldap_user_principal (string)"
+msgid "ldap_user_principal"
+msgstr "ldap_user_principal (string)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:503
+#, no-wrap
+msgid ""
+"subdomain_inherit = ldap_purge_cache_timeout\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:501
+#, fuzzy
+#| msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
+msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr "<placeholder type=\"programlisting\" id=\"0\"/>"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:507 sssd.conf.5.xml:963 sssd.conf.5.xml:984
+#: sssd.conf.5.xml:1244 sssd-ldap.5.xml:1753
+msgid "Default: none"
+msgstr "Padrão: none"
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:484
+#: sssd.conf.5.xml:515
msgid "NSS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:486
+#: sssd.conf.5.xml:517
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:491
+#: sssd.conf.5.xml:522
msgid "enum_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:494
+#: sssd.conf.5.xml:525
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:498
+#: sssd.conf.5.xml:529
msgid "Default: 120"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:503
+#: sssd.conf.5.xml:534
msgid "entry_cache_nowait_percentage (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:506
+#: sssd.conf.5.xml:537
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -779,7 +839,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:512
+#: sssd.conf.5.xml:543
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -789,7 +849,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:553
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -798,17 +858,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:561
msgid "Default: 50"
msgstr "Padrão: 50"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:535
+#: sssd.conf.5.xml:566
msgid "entry_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:538
+#: sssd.conf.5.xml:569
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -816,17 +876,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:544 sssd.conf.5.xml:992
+#: sssd.conf.5.xml:575 sssd.conf.5.xml:1044
msgid "Default: 15"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:549
+#: sssd.conf.5.xml:580
msgid "filter_users, filter_groups (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:552
+#: sssd.conf.5.xml:583
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -835,41 +895,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:559
+#: sssd.conf.5.xml:590
msgid "Default: root"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:564
+#: sssd.conf.5.xml:595
msgid "filter_users_in_groups (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:598
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:609
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:612
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586
+#: sssd.conf.5.xml:617
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:592
+#: sssd.conf.5.xml:623
#, no-wrap
msgid ""
"fallback_homedir = /home/%u\n"
@@ -877,22 +937,23 @@ msgid ""
msgstr ""
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:590 include/override_homedir.xml:55
+#: sssd.conf.5.xml:621 sssd.conf.5.xml:978 sssd-krb5.5.xml:533
+#: include/override_homedir.xml:55
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596
+#: sssd.conf.5.xml:627
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:633
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:636
msgid ""
"Override the login shell for all users. This option supersedes any other "
"shell options if it takes effect and can be set either in the [nss] section "
@@ -900,47 +961,47 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:611
+#: sssd.conf.5.xml:642
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:617
+#: sssd.conf.5.xml:648
msgid "allowed_shells (string)"
msgstr "allowed_shells (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:620
+#: sssd.conf.5.xml:651
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:654
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:627
+#: sssd.conf.5.xml:658
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:632
+#: sssd.conf.5.xml:663
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:637
+#: sssd.conf.5.xml:668
msgid "The wildcard (*) can be used to allow any shell."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:640
+#: sssd.conf.5.xml:671
msgid ""
"The (*) is useful if you want to use shell_fallback in case that user's "
"shell is not in <quote>/etc/shells</quote> and maintaining list of all "
@@ -948,103 +1009,103 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:647
+#: sssd.conf.5.xml:678
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:650
+#: sssd.conf.5.xml:681
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:654
+#: sssd.conf.5.xml:685
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:659
+#: sssd.conf.5.xml:690
msgid "vetoed_shells (string)"
msgstr "vetoed_shells (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:662
+#: sssd.conf.5.xml:693
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:667
+#: sssd.conf.5.xml:698
msgid "shell_fallback (string)"
msgstr "shell_fallback (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:670
+#: sssd.conf.5.xml:701
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:705
msgid "Default: /bin/sh"
msgstr "Padrão: /bin/sh"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:679
+#: sssd.conf.5.xml:710
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:682
+#: sssd.conf.5.xml:713
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option can be specified globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:719
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:695 sssd.conf.5.xml:881
+#: sssd.conf.5.xml:726 sssd.conf.5.xml:912
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:698 sssd.conf.5.xml:884
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:915
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:707
+#: sssd.conf.5.xml:738
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710
+#: sssd.conf.5.xml:741
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:714 sssd-ldap.5.xml:706
+#: sssd.conf.5.xml:745 sssd-ldap.5.xml:706
msgid "Default: 300"
msgstr "Padrão: 300"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:719 sssd-ifp.5.xml:74
+#: sssd.conf.5.xml:750 sssd-ifp.5.xml:74
msgid "user_attributes (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:722
+#: sssd.conf.5.xml:753
msgid ""
"Some of the additional NSS responder requests can return more attributes "
"than just the POSIX ones defined by the NSS interface. The list of "
@@ -1055,72 +1116,72 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:735
+#: sssd.conf.5.xml:766
msgid ""
"To make configuration more easy the NSS responder will check the InfoPipe "
"option if it is not set for the NSS responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:740
+#: sssd.conf.5.xml:771
msgid "Default: not set, fallback to InfoPipe option"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:747
+#: sssd.conf.5.xml:778
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:749
+#: sssd.conf.5.xml:780
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:785
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:757
+#: sssd.conf.5.xml:788
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:762 sssd.conf.5.xml:775
+#: sssd.conf.5.xml:793 sssd.conf.5.xml:806
msgid "Default: 0 (No limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:768
+#: sssd.conf.5.xml:799
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:771
+#: sssd.conf.5.xml:802
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:781
+#: sssd.conf.5.xml:812
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:784
+#: sssd.conf.5.xml:815
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:789
+#: sssd.conf.5.xml:820
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -1128,59 +1189,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:795 sssd.conf.5.xml:848
+#: sssd.conf.5.xml:826 sssd.conf.5.xml:879
msgid "Default: 5"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:832
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:835
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:809
+#: sssd.conf.5.xml:840
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:843
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:815
+#: sssd.conf.5.xml:846
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
+#: sssd.conf.5.xml:850
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:822
+#: sssd.conf.5.xml:853
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:826 sssd.8.xml:63
+#: sssd.conf.5.xml:857 sssd.8.xml:63
msgid "Default: 1"
msgstr "Padrão: 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:831
+#: sssd.conf.5.xml:862
msgid "pam_id_timeout (integer)"
msgstr "pam_id_timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:865
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1188,7 +1249,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:840
+#: sssd.conf.5.xml:871
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1197,17 +1258,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:854
+#: sssd.conf.5.xml:885
msgid "pam_pwd_expiration_warning (integer)"
msgstr "pam_pwd_expiration_warning (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:857 sssd.conf.5.xml:1390
+#: sssd.conf.5.xml:888 sssd.conf.5.xml:1442
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:860
+#: sssd.conf.5.xml:891
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1215,31 +1276,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:866 sssd.conf.5.xml:1393
+#: sssd.conf.5.xml:897 sssd.conf.5.xml:1445
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:871
+#: sssd.conf.5.xml:902
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876 sssd.8.xml:79
+#: sssd.conf.5.xml:907 sssd.8.xml:79
msgid "Default: 0"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:893
+#: sssd.conf.5.xml:924
msgid "pam_trusted_users (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:896
+#: sssd.conf.5.xml:927
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAM responder. User names are resolved to UIDs at "
@@ -1247,59 +1308,77 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:902
+#: sssd.conf.5.xml:933
msgid "Default: all (All users are allowed to access the PAM responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:906
+#: sssd.conf.5.xml:937
msgid ""
"Please note that UID 0 is always allowed to access the PAM responder even in "
"case it is not in the pam_trusted_users list."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:913
+#: sssd.conf.5.xml:944
msgid "pam_public_domains (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:947
msgid ""
"Specifies the comma-separated list of domain names that are accessible even "
"to untrusted users."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:920
+#: sssd.conf.5.xml:951
msgid "Two special values for pam_public_domains option are defined:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:955
msgid ""
"all (Untrusted users are allowed to access all domains in PAM responder.)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:959
msgid ""
"none (Untrusted users are not allowed to access any domains PAM in "
"responder.)"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:932 sssd.conf.5.xml:1192 sssd-ldap.5.xml:1753
-msgid "Default: none"
-msgstr "Padrão: none"
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:968
+#, fuzzy
+#| msgid "ipa_hbac_search_base (string)"
+msgid "pam_account_expired_message (string)"
+msgstr "ipa_hbac_search_base (string)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:971
+msgid ""
+"If user is authenticating using SSH keys and account is expired then by "
+"default 'Permission denied' is output. This output will be changed to "
+"content of this variable if it is set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:980
+#, no-wrap
+msgid ""
+"pam_account_expired_message = Account expired, please call help desk.\n"
+" "
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:941
+#: sssd.conf.5.xml:993
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:943
+#: sssd.conf.5.xml:995
msgid ""
"These options can be used to configure the sudo service. The detailed "
"instructions for configuration of <citerefentry> <refentrytitle>sudo</"
@@ -1310,34 +1389,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:1012
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:1015
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1028
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:978
+#: sssd.conf.5.xml:1030
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1034
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:985
+#: sssd.conf.5.xml:1037
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1345,51 +1424,51 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1001
+#: sssd.conf.5.xml:1053
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1003
+#: sssd.conf.5.xml:1055
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1007
+#: sssd.conf.5.xml:1059
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1010
+#: sssd.conf.5.xml:1062
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1019
+#: sssd.conf.5.xml:1071
msgid "ssh_known_hosts_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1022
+#: sssd.conf.5.xml:1074
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1026
+#: sssd.conf.5.xml:1078
msgid "Default: 180"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1086
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1036
+#: sssd.conf.5.xml:1088
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1401,7 +1480,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1045
+#: sssd.conf.5.xml:1097
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"determined with the help of the SID, trusted domains will have UPGs and the "
@@ -1412,24 +1491,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1053
+#: sssd.conf.5.xml:1105
msgid ""
"If there are SIDs of groups from domains sssd knows about, the user will be "
"added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1111
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1063 sssd-ifp.5.xml:50
+#: sssd.conf.5.xml:1115 sssd-ifp.5.xml:50
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1066
+#: sssd.conf.5.xml:1118
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1437,12 +1516,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1072
+#: sssd.conf.5.xml:1124
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1076
+#: sssd.conf.5.xml:1128
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1451,24 +1530,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1142
msgid "DOMAIN SECTIONS"
msgstr "SECÇÕES DE DOMÍNIO"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1149
msgid "min_id,max_id (integer)"
msgstr "min_id,max_id (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1100
+#: sssd.conf.5.xml:1152
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:1157
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1477,47 +1556,47 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1112
+#: sssd.conf.5.xml:1164
msgid ""
"These ID limits affect even saving entries to cache, not only returning them "
"by name or ID."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1116
+#: sssd.conf.5.xml:1168
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr "Padrão: 1 para min_id, 0 (sem limite) para max_id"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1122
+#: sssd.conf.5.xml:1174
msgid "enumerate (bool)"
msgstr "enumerate (bool)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1125
+#: sssd.conf.5.xml:1177
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1181
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1132
+#: sssd.conf.5.xml:1184
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1135 sssd.conf.5.xml:1367 sssd.conf.5.xml:1476
-#: sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1187 sssd.conf.5.xml:1419 sssd.conf.5.xml:1528
+#: sssd.conf.5.xml:1545
msgid "Default: FALSE"
msgstr "Padrão: FALSE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138
+#: sssd.conf.5.xml:1190
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1529,14 +1608,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1151
+#: sssd.conf.5.xml:1203
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1156
+#: sssd.conf.5.xml:1208
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1545,39 +1624,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1164
+#: sssd.conf.5.xml:1216
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1172
+#: sssd.conf.5.xml:1224
msgid "subdomain_enumerate (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1179
+#: sssd.conf.5.xml:1231
msgid "all"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1180
+#: sssd.conf.5.xml:1232
msgid "All discovered trusted domains will be enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1183
+#: sssd.conf.5.xml:1235
msgid "none"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:1236
msgid "No discovered trusted domains will be enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1175
+#: sssd.conf.5.xml:1227
msgid ""
"Whether any of autodetected trusted domains should be enumerated. The "
"supported values are: <placeholder type=\"variablelist\" id=\"0\"/> "
@@ -1586,19 +1665,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1215
+#: sssd.conf.5.xml:1267
msgid "entry_cache_timeout (integer)"
msgstr "entry_cache_timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1218
+#: sssd.conf.5.xml:1270
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1222
+#: sssd.conf.5.xml:1274
msgid ""
"The cache expiration timestamps are stored as attributes of individual "
"objects in the cache. Therefore, changing the cache timeout only has effect "
@@ -1609,150 +1688,151 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1235
+#: sssd.conf.5.xml:1287
msgid "Default: 5400"
msgstr "Padrão: 5400"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1241
+#: sssd.conf.5.xml:1293
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1244
+#: sssd.conf.5.xml:1296
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248 sssd.conf.5.xml:1261 sssd.conf.5.xml:1274
-#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1300 sssd.conf.5.xml:1314
-#: sssd.conf.5.xml:1328
+#: sssd.conf.5.xml:1300 sssd.conf.5.xml:1313 sssd.conf.5.xml:1326
+#: sssd.conf.5.xml:1339 sssd.conf.5.xml:1352 sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1380
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1306
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1257
+#: sssd.conf.5.xml:1309
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1267
+#: sssd.conf.5.xml:1319
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1270
+#: sssd.conf.5.xml:1322
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1280
+#: sssd.conf.5.xml:1332
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1335
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1345
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1348
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1358
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1309
+#: sssd.conf.5.xml:1361
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1320
+#: sssd.conf.5.xml:1372
msgid "entry_cache_ssh_host_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1375
msgid ""
"How many seconds to keep a host ssh key after refresh. IE how long to cache "
"the host key for."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1334
+#: sssd.conf.5.xml:1386
msgid "refresh_expired_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1337
+#: sssd.conf.5.xml:1389
msgid ""
"Specifies how many seconds SSSD has to wait before triggering a background "
"refresh task which will refresh all expired or nearly expired records."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1342
-msgid "Currently only refreshing expired netgroups is supported."
+#: sssd.conf.5.xml:1394
+msgid ""
+"The background refresh will process users, groups and netgroups in the cache."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1398
msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350 sssd-ipa.5.xml:224
+#: sssd.conf.5.xml:1402 sssd-ipa.5.xml:224
msgid "Default: 0 (disabled)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1356
+#: sssd.conf.5.xml:1408
msgid "cache_credentials (bool)"
msgstr "cache_credentials (bool)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1411
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1363
+#: sssd.conf.5.xml:1415
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1372
+#: sssd.conf.5.xml:1424
msgid "account_cache_expiration (integer)"
msgstr "account_cache_expiration (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1427
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1761,17 +1841,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1382
+#: sssd.conf.5.xml:1434
msgid "Default: 0 (unlimited)"
msgstr "Padrão: 0 (ilimitado)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1387
+#: sssd.conf.5.xml:1439
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1398
+#: sssd.conf.5.xml:1450
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1780,33 +1860,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1405
+#: sssd.conf.5.xml:1457
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1411
+#: sssd.conf.5.xml:1463
msgid "id_provider (string)"
msgstr "id_provider (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1414
+#: sssd.conf.5.xml:1466
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1418
+#: sssd.conf.5.xml:1470
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1421 sssd.conf.5.xml:1539
+#: sssd.conf.5.xml:1473 sssd.conf.5.xml:1591
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1425
+#: sssd.conf.5.xml:1477
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1814,8 +1894,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433 sssd.conf.5.xml:1519 sssd.conf.5.xml:1574
-#: sssd.conf.5.xml:1627
+#: sssd.conf.5.xml:1485 sssd.conf.5.xml:1571 sssd.conf.5.xml:1626
+#: sssd.conf.5.xml:1679
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1824,8 +1904,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1442 sssd.conf.5.xml:1528 sssd.conf.5.xml:1583
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1494 sssd.conf.5.xml:1580 sssd.conf.5.xml:1635
+#: sssd.conf.5.xml:1688
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1833,19 +1913,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1505
msgid "use_fully_qualified_names (bool)"
msgstr "use_fully_qualified_names (bool)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1508
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1461
+#: sssd.conf.5.xml:1513
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1854,7 +1934,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1521
msgid ""
"NOTE: This option has no effect on netgroup lookups due to their tendency to "
"include nested netgroups without qualified names. For netgroups, all domains "
@@ -1862,17 +1942,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1533
msgid "ignore_group_members (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1536
msgid "Do not return group members for group lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1487
+#: sssd.conf.5.xml:1539
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1880,19 +1960,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1550
msgid "auth_provider (string)"
msgstr "auth_provider (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1501
+#: sssd.conf.5.xml:1553
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505 sssd.conf.5.xml:1567
+#: sssd.conf.5.xml:1557 sssd.conf.5.xml:1619
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1900,7 +1980,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1512
+#: sssd.conf.5.xml:1564
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1908,30 +1988,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1588
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1595
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1546
+#: sssd.conf.5.xml:1598
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1604
msgid "access_provider (string)"
msgstr "access_provider (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1607
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1939,19 +2019,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1613
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1616
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1591
+#: sssd.conf.5.xml:1643
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1960,24 +2040,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1650
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1603
+#: sssd.conf.5.xml:1655
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1606
+#: sssd.conf.5.xml:1658
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1611
+#: sssd.conf.5.xml:1663
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1985,7 +2065,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1671
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1993,35 +2073,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1696
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1700
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1651
+#: sssd.conf.5.xml:1703
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1710
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1661
+#: sssd.conf.5.xml:1713
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1665
+#: sssd.conf.5.xml:1717
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2029,32 +2109,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1725
msgid ""
"<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default "
"settings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1729
msgid ""
"<quote>ad</quote> the same as <quote>ldap</quote> but with AD default "
"settings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1681
+#: sssd.conf.5.xml:1733
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1684 sssd.conf.5.xml:1762 sssd.conf.5.xml:1794
-#: sssd.conf.5.xml:1819
+#: sssd.conf.5.xml:1736 sssd.conf.5.xml:1814 sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1871
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1688
+#: sssd.conf.5.xml:1740
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -2065,12 +2145,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1757
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1760
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -2078,7 +2158,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1714
+#: sssd.conf.5.xml:1766
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2086,31 +2166,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1722
+#: sssd.conf.5.xml:1774
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1725
+#: sssd.conf.5.xml:1777
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1731
+#: sssd.conf.5.xml:1783
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1734
+#: sssd.conf.5.xml:1786
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740
+#: sssd.conf.5.xml:1792
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2118,7 +2198,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1749
+#: sssd.conf.5.xml:1801
msgid ""
"<quote>ad</quote> to load a list of subdomains from an Active Directory "
"server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> "
@@ -2127,23 +2207,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1810
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1769
+#: sssd.conf.5.xml:1821
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1772
+#: sssd.conf.5.xml:1824
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1828
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2151,7 +2231,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1783
+#: sssd.conf.5.xml:1835
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2159,24 +2239,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1843
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1853
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1804
+#: sssd.conf.5.xml:1856
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1808
+#: sssd.conf.5.xml:1860
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2184,12 +2264,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1816
+#: sssd.conf.5.xml:1868
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1829
+#: sssd.conf.5.xml:1881
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components. The \"domain\" can "
@@ -2199,7 +2279,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1838
+#: sssd.conf.5.xml:1890
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -2208,29 +2288,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1843
+#: sssd.conf.5.xml:1895
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1898
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1849
+#: sssd.conf.5.xml:1901
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1852
+#: sssd.conf.5.xml:1904
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1857
+#: sssd.conf.5.xml:1909
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -2238,7 +2318,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1863
+#: sssd.conf.5.xml:1915
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -2246,66 +2326,66 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1870
+#: sssd.conf.5.xml:1922
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1917
+#: sssd.conf.5.xml:1969
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "Default: <quote>%1$s@%2$s</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1923
+#: sssd.conf.5.xml:1975
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1926
+#: sssd.conf.5.xml:1978
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1930
+#: sssd.conf.5.xml:1982
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1933
+#: sssd.conf.5.xml:1985
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1936
+#: sssd.conf.5.xml:1988
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1939
+#: sssd.conf.5.xml:1991
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1942
+#: sssd.conf.5.xml:1994
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1945
+#: sssd.conf.5.xml:1997
msgid "Default: ipv4_first"
msgstr "Default: ipv4_first"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1951
+#: sssd.conf.5.xml:2003
msgid "dns_resolver_timeout (integer)"
msgstr "dns_resolver_timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1954
+#: sssd.conf.5.xml:2006
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -2313,70 +2393,70 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1960 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
-#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:239
+#: sssd.conf.5.xml:2012 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
+#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:248
msgid "Default: 6"
msgstr "Padrão: 6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1966
+#: sssd.conf.5.xml:2018
msgid "dns_discovery_domain (string)"
msgstr "dns_discovery_domain (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1969
+#: sssd.conf.5.xml:2021
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1973
+#: sssd.conf.5.xml:2025
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1979
+#: sssd.conf.5.xml:2031
msgid "override_gid (integer)"
msgstr "override_gid (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1982
+#: sssd.conf.5.xml:2034
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1988
+#: sssd.conf.5.xml:2040
msgid "case_sensitive (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1996
+#: sssd.conf.5.xml:2048
msgid "True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1999
+#: sssd.conf.5.xml:2051
msgid "Case sensitive. This value is invalid for AD provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2005
+#: sssd.conf.5.xml:2057
msgid "False"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2007
+#: sssd.conf.5.xml:2059
msgid "Case insensitive."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2011
+#: sssd.conf.5.xml:2063
msgid "Preserving"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2014
+#: sssd.conf.5.xml:2066
msgid ""
"Same as False (case insensitive), but does not lowercase names in the result "
"of NSS operations. Note that name aliases (and in case of services also "
@@ -2384,7 +2464,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1991
+#: sssd.conf.5.xml:2043
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider. Possible option values are: "
@@ -2392,17 +2472,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2026
+#: sssd.conf.5.xml:2078
msgid "Default: True (False for AD provider)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2032
+#: sssd.conf.5.xml:2084
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2035
+#: sssd.conf.5.xml:2087
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2411,22 +2491,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2049
+#: sssd.conf.5.xml:2101
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2060
+#: sssd.conf.5.xml:2112
msgid "%F"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2061
+#: sssd.conf.5.xml:2113
msgid "flat (NetBIOS) name of a subdomain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2052
+#: sssd.conf.5.xml:2104
msgid ""
"Use this homedir as default value for all subdomains within this domain in "
"IPA AD trust. See <emphasis>override_homedir</emphasis> for info about "
@@ -2436,29 +2516,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2066
+#: sssd.conf.5.xml:2118
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2070
+#: sssd.conf.5.xml:2122
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2075
+#: sssd.conf.5.xml:2127
msgid "realmd_tags (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2078
+#: sssd.conf.5.xml:2130
msgid ""
"Various tags stored by the realmd configuration service for this domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1092
+#: sssd.conf.5.xml:1144
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2466,29 +2546,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2091
+#: sssd.conf.5.xml:2143
msgid "proxy_pam_target (string)"
msgstr "proxy_pam_target (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2094
+#: sssd.conf.5.xml:2146
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2097
+#: sssd.conf.5.xml:2149
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2105
+#: sssd.conf.5.xml:2157
msgid "proxy_lib_name (string)"
msgstr "proxy_lib_name (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2108
+#: sssd.conf.5.xml:2160
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2496,19 +2576,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2087
+#: sssd.conf.5.xml:2139
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:2120
+#: sssd.conf.5.xml:2172
msgid "The local domain section"
msgstr "A secção de domínio local"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:2122
+#: sssd.conf.5.xml:2174
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2516,73 +2596,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2129
+#: sssd.conf.5.xml:2181
msgid "default_shell (string)"
msgstr "default_shell (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2132
+#: sssd.conf.5.xml:2184
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2136
+#: sssd.conf.5.xml:2188
msgid "Default: <filename>/bin/bash</filename>"
msgstr "Padrão: <filename>bash/bin/bash</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2141
+#: sssd.conf.5.xml:2193
msgid "base_directory (string)"
msgstr "base_directory (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2144
+#: sssd.conf.5.xml:2196
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2149
+#: sssd.conf.5.xml:2201
msgid "Default: <filename>/home</filename>"
msgstr "Padrão: <filename>/ home</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2154
+#: sssd.conf.5.xml:2206
msgid "create_homedir (bool)"
msgstr "create_homedir (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2157
+#: sssd.conf.5.xml:2209
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2173
+#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2225
msgid "Default: TRUE"
msgstr "Padrão: TRUE"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2166
+#: sssd.conf.5.xml:2218
msgid "remove_homedir (bool)"
msgstr "remove_homedir (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2169
+#: sssd.conf.5.xml:2221
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2178
+#: sssd.conf.5.xml:2230
msgid "homedir_umask (integer)"
msgstr "homedir_umask (integer)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2181
+#: sssd.conf.5.xml:2233
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2590,17 +2670,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2189
+#: sssd.conf.5.xml:2241
msgid "Default: 077"
msgstr "Padrão: 077"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2194
+#: sssd.conf.5.xml:2246
msgid "skel_dir (string)"
msgstr "skel_dir (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2197
+#: sssd.conf.5.xml:2249
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2609,17 +2689,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2207
+#: sssd.conf.5.xml:2259
msgid "Default: <filename>/etc/skel</filename>"
msgstr "Padrão: <filename>skel/etc/skel</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2212
+#: sssd.conf.5.xml:2264
msgid "mail_dir (string)"
msgstr "mail_dir (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2215
+#: sssd.conf.5.xml:2267
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2627,17 +2707,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2222
+#: sssd.conf.5.xml:2274
msgid "Default: <filename>/var/mail</filename>"
msgstr "Padrão: <filename>mail/var/mail</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2227
+#: sssd.conf.5.xml:2279
msgid "userdel_cmd (string)"
msgstr "userdel_cmd (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2230
+#: sssd.conf.5.xml:2282
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2645,19 +2725,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2236
+#: sssd.conf.5.xml:2288
msgid "Default: None, no command is run"
msgstr "Padrão: None, nenhum comando é executado"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:2246 sssd-ldap.5.xml:2518 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:519
+#: sssd.conf.5.xml:2298 sssd-ldap.5.xml:2569 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:564
#: sss_rpcidmapd.5.xml:98
msgid "EXAMPLE"
msgstr "EXEMPLO"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:2252
+#: sssd.conf.5.xml:2304
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2711,7 +2791,7 @@ msgstr ""
"enumerate = False\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2248
+#: sssd.conf.5.xml:2300
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -3556,7 +3636,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:738 sssd-ldap.5.xml:831 sssd-ldap.5.xml:1058
-#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2102 sssd-ldap.5.xml:2441
+#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2153 sssd-ldap.5.xml:2492
#: sssd-ipa.5.xml:591
msgid "Default: cn"
msgstr "Padrão: NC"
@@ -3839,11 +3919,6 @@ msgid ""
"dealing with complex or deep nested groups)."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1017
-msgid "ldap_use_tokengroups"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1020
msgid ""
@@ -4078,7 +4153,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2259
+#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2310
msgid "Default: 900 (15 minutes)"
msgstr ""
@@ -4532,7 +4607,7 @@ msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:453
+#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:462
msgid "krb5_canonicalize (boolean)"
msgstr "krb5_canonicalize (boolean)"
@@ -4544,12 +4619,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:468
+#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:477
msgid "krb5_use_kdcinfo (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:471
+#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:480
msgid ""
"Specifies if the SSSD should instruct the Kerberos libraries what realm and "
"which KDCs to use. This option is on by default, if you disable it, you need "
@@ -4559,7 +4634,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:482
+#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:491
msgid ""
"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
@@ -4827,40 +4902,93 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1958
+msgid ""
+"<emphasis> Please note that this option is superseded by the <quote>ppolicy</"
+"quote> option and might be removed in a future release. </emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1965
+msgid ""
+"<emphasis>ppolicy</emphasis>: use account locking. If set, this option "
+"denies access in case that ldap attribute 'pwdAccountLockedTime' is present "
+"and has value of '000001010000Z' or represents any time in the past. The "
+"value of the 'pwdAccountLockedTime' attribute must end with 'Z', which "
+"denotes the UTC time zone. Other time zones are not currently supported and "
+"will result in \"access-denied\" when users attempt to log in. Please see "
+"the option ldap_pwdlockout_dn. Please note that 'access_provider = ldap' "
+"must be set for this feature to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1982
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1962
+#: sssd-ldap.5.xml:1986
+msgid ""
+"<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, "
+"pwd_expire_policy_renew: </emphasis> These options are useful if users are "
+"interested in being warned that password is about to expire and "
+"authentication is based on using a different method than passwords - for "
+"example SSH keys."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1996
+msgid ""
+"The difference between these options is the action taken if user password is "
+"expired: pwd_expire_policy_reject - user is denied to log in, "
+"pwd_expire_policy_warn - user is still able to log in, "
+"pwd_expire_policy_renew - user is prompted to change his password "
+"immediately."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2004
+msgid ""
+"Note If user password is expired no explicit message is prompted by SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2008
+msgid ""
+"Please note that 'access_provider = ldap' must be set for this feature to "
+"work. Also 'ldap_pwd_policy' must be set to an appropriate password policy."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2013
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2018
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1971
+#: sssd-ldap.5.xml:2022
msgid "Default: filter"
msgstr "Padrão: filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1974
+#: sssd-ldap.5.xml:2025
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1981
+#: sssd-ldap.5.xml:2032
msgid "ldap_pwdlockout_dn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2035
msgid ""
"This option specifies the DN of password policy entry on LDAP server. Please "
"note that absence of this option in sssd.conf in case of enabled account "
@@ -4869,74 +4997,74 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1992
+#: sssd-ldap.5.xml:2043
msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1995
+#: sssd-ldap.5.xml:2046
msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2001
+#: sssd-ldap.5.xml:2052
msgid "ldap_deref (string)"
msgstr "ldap_deref (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2004
+#: sssd-ldap.5.xml:2055
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2009
+#: sssd-ldap.5.xml:2060
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013
+#: sssd-ldap.5.xml:2064
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018
+#: sssd-ldap.5.xml:2069
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2023
+#: sssd-ldap.5.xml:2074
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2028
+#: sssd-ldap.5.xml:2079
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2036
+#: sssd-ldap.5.xml:2087
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2039
+#: sssd-ldap.5.xml:2090
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2094
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -4947,7 +5075,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2054
+#: sssd-ldap.5.xml:2105
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -4965,12 +5093,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2070
+#: sssd-ldap.5.xml:2121
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2123
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -4978,208 +5106,208 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2083
+#: sssd-ldap.5.xml:2134
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2086
+#: sssd-ldap.5.xml:2137
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2089
+#: sssd-ldap.5.xml:2140
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2095
+#: sssd-ldap.5.xml:2146
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2098
+#: sssd-ldap.5.xml:2149
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2108
+#: sssd-ldap.5.xml:2159
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2111
+#: sssd-ldap.5.xml:2162
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2166
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2172
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2124
+#: sssd-ldap.5.xml:2175
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2129
+#: sssd-ldap.5.xml:2180
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2186
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2138
+#: sssd-ldap.5.xml:2189
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2193
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2148
+#: sssd-ldap.5.xml:2199
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2202
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2155
+#: sssd-ldap.5.xml:2206
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2161
+#: sssd-ldap.5.xml:2212
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2215
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2168
+#: sssd-ldap.5.xml:2219
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2174
+#: sssd-ldap.5.xml:2225
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2228
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2181
+#: sssd-ldap.5.xml:2232
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2187
+#: sssd-ldap.5.xml:2238
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2241
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194
+#: sssd-ldap.5.xml:2245
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2200
+#: sssd-ldap.5.xml:2251
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2203
+#: sssd-ldap.5.xml:2254
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2259
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2214
+#: sssd-ldap.5.xml:2265
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2217
+#: sssd-ldap.5.xml:2268
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2221
+#: sssd-ldap.5.xml:2272
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2227
+#: sssd-ldap.5.xml:2278
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2230
+#: sssd-ldap.5.xml:2281
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2235
+#: sssd-ldap.5.xml:2286
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2240
+#: sssd-ldap.5.xml:2291
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2246
+#: sssd-ldap.5.xml:2297
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2249
+#: sssd-ldap.5.xml:2300
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -5187,101 +5315,101 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2255
+#: sssd-ldap.5.xml:2306
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2265
+#: sssd-ldap.5.xml:2316
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2268
+#: sssd-ldap.5.xml:2319
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2279
+#: sssd-ldap.5.xml:2330
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2333
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2287
+#: sssd-ldap.5.xml:2338
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2292 sssd-ldap.5.xml:2315 sssd-ldap.5.xml:2333
-#: sssd-ldap.5.xml:2351
+#: sssd-ldap.5.xml:2343 sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2402
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2320
+#: sssd-ldap.5.xml:2348 sssd-ldap.5.xml:2371
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2303
+#: sssd-ldap.5.xml:2354
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2306
+#: sssd-ldap.5.xml:2357
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2311
+#: sssd-ldap.5.xml:2362
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2326
+#: sssd-ldap.5.xml:2377
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2329
+#: sssd-ldap.5.xml:2380
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2344
+#: sssd-ldap.5.xml:2395
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2347
+#: sssd-ldap.5.xml:2398
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2363
+#: sssd-ldap.5.xml:2414
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -5290,91 +5418,91 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2373
+#: sssd-ldap.5.xml:2424
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2375
+#: sssd-ldap.5.xml:2426
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2381
+#: sssd-ldap.5.xml:2432
msgid "ldap_autofs_map_master_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2435
msgid "The name of the automount master map in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2387
+#: sssd-ldap.5.xml:2438
msgid "Default: auto.master"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2394
+#: sssd-ldap.5.xml:2445
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2397 sssd-ldap.5.xml:2423
+#: sssd-ldap.5.xml:2448 sssd-ldap.5.xml:2474
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2400 sssd-ldap.5.xml:2427
+#: sssd-ldap.5.xml:2451 sssd-ldap.5.xml:2478
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2407
+#: sssd-ldap.5.xml:2458
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2410
+#: sssd-ldap.5.xml:2461
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2413
+#: sssd-ldap.5.xml:2464
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2420
+#: sssd-ldap.5.xml:2471
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2434
+#: sssd-ldap.5.xml:2485
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2437 sssd-ldap.5.xml:2451
+#: sssd-ldap.5.xml:2488 sssd-ldap.5.xml:2502
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2448
+#: sssd-ldap.5.xml:2499
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2455
+#: sssd-ldap.5.xml:2506
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2379
+#: sssd-ldap.5.xml:2430
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -5383,32 +5511,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2465
+#: sssd-ldap.5.xml:2516
msgid "ADVANCED OPTIONS"
msgstr "OPÇÕES AVANÇADAS"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2472
+#: sssd-ldap.5.xml:2523
msgid "ldap_netgroup_search_base (string)"
msgstr "ldap_netgroup_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2477
+#: sssd-ldap.5.xml:2528
msgid "ldap_user_search_base (string)"
msgstr "ldap_user_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2482
+#: sssd-ldap.5.xml:2533
msgid "ldap_group_search_base (string)"
msgstr "ldap_group_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note>
-#: sssd-ldap.5.xml:2487
+#: sssd-ldap.5.xml:2538
msgid "<note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para>
-#: sssd-ldap.5.xml:2489
+#: sssd-ldap.5.xml:2540
msgid ""
"If the option <quote>ldap_use_tokengroups</quote> is enabled. The searches "
"against Active Directory will not be restricted and return all groups "
@@ -5417,22 +5545,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist>
-#: sssd-ldap.5.xml:2496
+#: sssd-ldap.5.xml:2547
msgid "</note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2498
+#: sssd-ldap.5.xml:2549
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2503
+#: sssd-ldap.5.xml:2554
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2467
+#: sssd-ldap.5.xml:2518
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -5441,7 +5569,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2520
+#: sssd-ldap.5.xml:2571
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -5449,7 +5577,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2526
+#: sssd-ldap.5.xml:2577
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5462,26 +5590,26 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2525 sssd-ldap.5.xml:2543 sssd-simple.5.xml:139
+#: sssd-ldap.5.xml:2576 sssd-ldap.5.xml:2594 sssd-simple.5.xml:139
#: sssd-ipa.5.xml:726 sssd-ad.5.xml:851 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98
-#: sssd-krb5.5.xml:528 include/ldap_id_mapping.xml:105
+#: sssd-krb5.5.xml:573 include/ldap_id_mapping.xml:105
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "<placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2537
+#: sssd-ldap.5.xml:2588
msgid "LDAP ACCESS FILTER EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2539
+#: sssd-ldap.5.xml:2590
msgid ""
"The following example assumes that SSSD is correctly configured and to use "
"the ldap_access_order=lockout."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2544
+#: sssd-ldap.5.xml:2595
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5497,13 +5625,13 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2559 sssd_krb5_locator_plugin.8.xml:61
+#: sssd-ldap.5.xml:2610 sssd_krb5_locator_plugin.8.xml:61
#: sssd-simple.5.xml:148 sssd-ad.5.xml:866 sssd.8.xml:195 sss_seed.8.xml:163
msgid "NOTES"
msgstr "NOTAS"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2561
+#: sssd-ldap.5.xml:2612
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -6263,7 +6391,7 @@ msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:245
+#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:254
msgid "krb5_validate (boolean)"
msgstr "krb5_validate (boolean)"
@@ -6304,12 +6432,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:407
+#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:416
msgid "krb5_use_fast (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:410
+#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:419
msgid ""
"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
"authentication. The following options are supported:"
@@ -6329,7 +6457,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:424
+#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:433
msgid ""
"<emphasis>demand</emphasis> to use FAST. The authentication fails if the "
"server does not require fast."
@@ -6341,7 +6469,7 @@ msgid "Default: try"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:435
+#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:444
msgid ""
"NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If "
"SSSD is used with an older version of MIT Kerberos, using this option is a "
@@ -7433,12 +7561,12 @@ msgid "Default: True"
msgstr "Padrão: TRUE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:797 sssd-krb5.5.xml:496
+#: sssd-ad.5.xml:797 sssd-krb5.5.xml:505
msgid "krb5_use_enterprise_principal (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:800 sssd-krb5.5.xml:499
+#: sssd-ad.5.xml:800 sssd-krb5.5.xml:508
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
@@ -8391,16 +8519,24 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:225
+msgid ""
+"NOTE: Please be aware that libkrb5 ccache expansion template from "
+"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> uses different expansion sequences than SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:234
msgid "Default: (from libkrb5)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:231
+#: sssd-krb5.5.xml:240
msgid "krb5_auth_timeout (integer)"
msgstr "krb5_auth_timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:234
+#: sssd-krb5.5.xml:243
msgid ""
"Timeout in seconds after an online authentication request or change password "
"request is aborted. If possible, the authentication request is continued "
@@ -8408,7 +8544,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:248
+#: sssd-krb5.5.xml:257
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed. The keytab is checked for entries sequentially, and the first entry "
@@ -8419,36 +8555,36 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:263
+#: sssd-krb5.5.xml:272
msgid "krb5_keytab (string)"
msgstr "krb5_keytab (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:275
msgid ""
"The location of the keytab to use when validating credentials obtained from "
"KDCs."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:270
+#: sssd-krb5.5.xml:279
msgid "Default: /etc/krb5.keytab"
msgstr "Padrão: /etc/krb5.keytab"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:276
+#: sssd-krb5.5.xml:285
msgid "krb5_store_password_if_offline (boolean)"
msgstr "krb5_store_password_if_offline (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:279
+#: sssd-krb5.5.xml:288
msgid ""
"Store the password of the user if the provider is offline and use it to "
"request a TGT when the provider comes online again."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:284
+#: sssd-krb5.5.xml:293
msgid ""
"NOTE: this feature is only available on Linux. Passwords stored in this way "
"are kept in plaintext in the kernel keyring and are potentially accessible "
@@ -8456,91 +8592,91 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:297
+#: sssd-krb5.5.xml:306
msgid "krb5_renewable_lifetime (string)"
msgstr "krb5_renewable_lifetime (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:300
+#: sssd-krb5.5.xml:309
msgid ""
"Request a renewable ticket with a total lifetime, given as an integer "
"immediately followed by a time unit:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:305 sssd-krb5.5.xml:339 sssd-krb5.5.xml:376
+#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
msgid "<emphasis>s</emphasis> for seconds"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:308 sssd-krb5.5.xml:342 sssd-krb5.5.xml:379
+#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:351 sssd-krb5.5.xml:388
msgid "<emphasis>m</emphasis> for minutes"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:311 sssd-krb5.5.xml:345 sssd-krb5.5.xml:382
+#: sssd-krb5.5.xml:320 sssd-krb5.5.xml:354 sssd-krb5.5.xml:391
msgid "<emphasis>h</emphasis> for hours"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
+#: sssd-krb5.5.xml:323 sssd-krb5.5.xml:357 sssd-krb5.5.xml:394
msgid "<emphasis>d</emphasis> for days."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:388
+#: sssd-krb5.5.xml:326 sssd-krb5.5.xml:397
msgid "If there is no unit given, <emphasis>s</emphasis> is assumed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:321 sssd-krb5.5.xml:392
+#: sssd-krb5.5.xml:330 sssd-krb5.5.xml:401
msgid ""
"NOTE: It is not possible to mix units. To set the renewable lifetime to one "
"and a half hours, use '90m' instead of '1h30m'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:326
+#: sssd-krb5.5.xml:335
msgid "Default: not set, i.e. the TGT is not renewable"
msgstr "Padrão: não definido, ou seja, o TGT não é renovável"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:332
+#: sssd-krb5.5.xml:341
msgid "krb5_lifetime (string)"
msgstr "krb5_lifetime (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:335
+#: sssd-krb5.5.xml:344
msgid ""
"Request ticket with a lifetime, given as an integer immediately followed by "
"a time unit:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:351
+#: sssd-krb5.5.xml:360
msgid "If there is no unit given <emphasis>s</emphasis> is assumed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:355
+#: sssd-krb5.5.xml:364
msgid ""
"NOTE: It is not possible to mix units. To set the lifetime to one and a "
"half hours please use '90m' instead of '1h30m'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:360
+#: sssd-krb5.5.xml:369
msgid ""
"Default: not set, i.e. the default ticket lifetime configured on the KDC."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:367
+#: sssd-krb5.5.xml:376
msgid "krb5_renew_interval (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:370
+#: sssd-krb5.5.xml:379
msgid ""
"The time in seconds between two checks if the TGT should be renewed. TGTs "
"are renewed if about half of their lifetime is exceeded, given as an integer "
@@ -8548,56 +8684,91 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:397
+#: sssd-krb5.5.xml:406
msgid "If this option is not set or is 0 the automatic renewal is disabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:415
+#: sssd-krb5.5.xml:424
msgid ""
"<emphasis>never</emphasis> use FAST. This is equivalent to not setting this "
"option at all."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:419
+#: sssd-krb5.5.xml:428
msgid ""
"<emphasis>try</emphasis> to use FAST. If the server does not support FAST, "
"continue the authentication without it."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:429
+#: sssd-krb5.5.xml:438
msgid "Default: not set, i.e. FAST is not used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:432
+#: sssd-krb5.5.xml:441
msgid "NOTE: a keytab is required to use FAST."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:444
+#: sssd-krb5.5.xml:453
msgid "krb5_fast_principal (string)"
msgstr "krb5_fast_principal (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:447
+#: sssd-krb5.5.xml:456
msgid "Specifies the server principal to use for FAST."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:456
+#: sssd-krb5.5.xml:465
msgid ""
"Specifies if the host and user principal should be canonicalized. This "
"feature is available with MIT Kerberos 1.7 and later versions."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:505
+#: sssd-krb5.5.xml:514
msgid "Default: false (AD provider: true)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:520
+#, fuzzy
+#| msgid "krb5_ccachedir (string)"
+msgid "krb5_map_user (string)"
+msgstr "krb5_ccachedir (string)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:523
+msgid ""
+"The list of mappings is given as a comma-separated list of pairs "
+"<quote>username:primary</quote> where <quote>username</quote> is a UNIX user "
+"name and <quote>primary</quote> is a user part of a kerberos principal. This "
+"mapping is used when user is authenticating using <quote>auth_provider = "
+"krb5</quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-krb5.5.xml:535
+#, no-wrap
+msgid ""
+"krb5_realm = REALM\n"
+"krb5_map_user = joe:juser,dick:richard\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:540
+msgid ""
+"<quote>joe</quote> and <quote>dick</quote> are UNIX user names and "
+"<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos "
+"principals. For user <quote>joe</quote> resp. <quote>dick</quote> SSSD will "
+"try to kinit as <quote>juser@REALM</quote> resp. <quote>richard@REALM</"
+"quote>."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:65
msgid ""
@@ -8609,7 +8780,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:521
+#: sssd-krb5.5.xml:566
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -8618,7 +8789,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:529
+#: sssd-krb5.5.xml:574
#, no-wrap
msgid ""
" [domain/FOO]\n"
diff --git a/src/man/po/ru.po b/src/man/po/ru.po
index ea5bc2357..f7f14c5b4 100644
--- a/src/man/po/ru.po
+++ b/src/man/po/ru.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sssd-docs 1.12.2\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2015-02-18 16:52+0100\n"
+"POT-Creation-Date: 2015-06-12 10:36+0200\n"
"PO-Revision-Date: 2014-06-04 02:04-0400\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Russian (http://www.transifex.com/projects/p/sssd/language/"
@@ -19,7 +19,7 @@ msgstr ""
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n"
"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#. type: Content of: <reference><title>
#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5
@@ -226,11 +226,11 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:81 sssd.conf.5.xml:571 sssd.conf.5.xml:1014
+#: sssd.conf.5.xml:81 sssd.conf.5.xml:602 sssd.conf.5.xml:1066
#: sssd-ldap.5.xml:1625 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1784
-#: sssd-ldap.5.xml:2273 sssd-ldap.5.xml:2338 sssd-ldap.5.xml:2356
+#: sssd-ldap.5.xml:2324 sssd-ldap.5.xml:2389 sssd-ldap.5.xml:2407
#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:413 sssd-ad.5.xml:166 sssd-ad.5.xml:264
-#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:490
+#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:499
msgid "Default: true"
msgstr ""
@@ -247,16 +247,16 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:94 sssd.conf.5.xml:968 sssd.conf.5.xml:2043
+#: sssd.conf.5.xml:94 sssd.conf.5.xml:1020 sssd.conf.5.xml:2095
#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1499 sssd-ldap.5.xml:1518
-#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2060 sssd-ipa.5.xml:139
-#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:257
-#: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462
+#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2111 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471
msgid "Default: false"
msgstr "По умолчанию: false"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2081
+#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2132
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
@@ -293,7 +293,7 @@ msgid "The [sssd] section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:137 sssd.conf.5.xml:2127
+#: sssd.conf.5.xml:137 sssd.conf.5.xml:2179
msgid "Section parameters"
msgstr ""
@@ -362,7 +362,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:193 sssd.conf.5.xml:1826
+#: sssd.conf.5.xml:193 sssd.conf.5.xml:1878
msgid "re_expression (string)"
msgstr ""
@@ -382,12 +382,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:210 sssd.conf.5.xml:1877
+#: sssd.conf.5.xml:210 sssd.conf.5.xml:1929
msgid "full_name_format (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:213 sssd.conf.5.xml:1880
+#: sssd.conf.5.xml:213 sssd.conf.5.xml:1932
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to compose a "
@@ -395,39 +395,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:224 sssd.conf.5.xml:1891
+#: sssd.conf.5.xml:224 sssd.conf.5.xml:1943
msgid "%1$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225 sssd.conf.5.xml:1892
+#: sssd.conf.5.xml:225 sssd.conf.5.xml:1944
msgid "user name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:228 sssd.conf.5.xml:1895
+#: sssd.conf.5.xml:228 sssd.conf.5.xml:1947
msgid "%2$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:231 sssd.conf.5.xml:1898
+#: sssd.conf.5.xml:231 sssd.conf.5.xml:1950
msgid "domain name as specified in the SSSD config file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:237 sssd.conf.5.xml:1904
+#: sssd.conf.5.xml:237 sssd.conf.5.xml:1956
msgid "%3$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:240 sssd.conf.5.xml:1907
+#: sssd.conf.5.xml:240 sssd.conf.5.xml:1959
msgid ""
"domain flat name. Mostly usable for Active Directory domains, both directly "
"configured or discovered via IPA trusts."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221 sssd.conf.5.xml:1888
+#: sssd.conf.5.xml:221 sssd.conf.5.xml:1940
msgid ""
"The following expansions are supported: <placeholder type=\"variablelist\" "
"id=\"0\"/>"
@@ -544,8 +544,8 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:336 sssd-ldap.5.xml:663 sssd-ldap.5.xml:1458
#: sssd-ldap.5.xml:1470 sssd-ldap.5.xml:1552 sssd-ad.5.xml:557
-#: sssd-ad.5.xml:627 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203
-#: include/ldap_id_mapping.xml:214
+#: sssd-ad.5.xml:627 sssd-krb5.5.xml:410 sssd-krb5.5.xml:550
+#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214
msgid "Default: not set"
msgstr ""
@@ -648,18 +648,18 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:427 sssd.conf.5.xml:443 sssd.conf.5.xml:475
-#: sssd.conf.5.xml:702 sssd.conf.5.xml:888 sssd.conf.5.xml:1209
+#: sssd.conf.5.xml:733 sssd.conf.5.xml:919 sssd.conf.5.xml:1261
#: sssd-ldap.5.xml:1200
msgid "Default: 60"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:432 sssd.conf.5.xml:1198
+#: sssd.conf.5.xml:432 sssd.conf.5.xml:1250
msgid "force_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:435 sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:435 sssd.conf.5.xml:1253
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -706,41 +706,93 @@ msgid ""
"will be forced to one hour."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:480
+msgid "subdomain_inherit (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:483
+msgid ""
+"Specifies a list of configuration parameters that should be inherited by a "
+"subdomain. Please note that only selected parameters can be inherited. "
+"Currently the following options can be inherited:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:489
+msgid "ignore_group_members"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:492
+msgid "ldap_purge_cache_timeout"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:495 sssd-ldap.5.xml:1017
+msgid "ldap_use_tokengroups"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:498
+msgid "ldap_user_principal"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:503
+#, no-wrap
+msgid ""
+"subdomain_inherit = ldap_purge_cache_timeout\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:501
+msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:507 sssd.conf.5.xml:963 sssd.conf.5.xml:984
+#: sssd.conf.5.xml:1244 sssd-ldap.5.xml:1753
+msgid "Default: none"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:484
+#: sssd.conf.5.xml:515
msgid "NSS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:486
+#: sssd.conf.5.xml:517
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:491
+#: sssd.conf.5.xml:522
msgid "enum_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:494
+#: sssd.conf.5.xml:525
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:498
+#: sssd.conf.5.xml:529
msgid "Default: 120"
msgstr "По умолчанию: 120"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:503
+#: sssd.conf.5.xml:534
msgid "entry_cache_nowait_percentage (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:506
+#: sssd.conf.5.xml:537
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -748,7 +800,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:512
+#: sssd.conf.5.xml:543
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -758,7 +810,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:553
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -767,17 +819,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:561
msgid "Default: 50"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:535
+#: sssd.conf.5.xml:566
msgid "entry_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:538
+#: sssd.conf.5.xml:569
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -785,17 +837,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:544 sssd.conf.5.xml:992
+#: sssd.conf.5.xml:575 sssd.conf.5.xml:1044
msgid "Default: 15"
msgstr "По умолчанию: 15"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:549
+#: sssd.conf.5.xml:580
msgid "filter_users, filter_groups (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:552
+#: sssd.conf.5.xml:583
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -804,41 +856,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:559
+#: sssd.conf.5.xml:590
msgid "Default: root"
msgstr "По умолчанию: root"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:564
+#: sssd.conf.5.xml:595
msgid "filter_users_in_groups (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:598
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:609
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:612
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586
+#: sssd.conf.5.xml:617
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:592
+#: sssd.conf.5.xml:623
#, no-wrap
msgid ""
"fallback_homedir = /home/%u\n"
@@ -846,22 +898,23 @@ msgid ""
msgstr ""
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:590 include/override_homedir.xml:55
+#: sssd.conf.5.xml:621 sssd.conf.5.xml:978 sssd-krb5.5.xml:533
+#: include/override_homedir.xml:55
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596
+#: sssd.conf.5.xml:627
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:633
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:636
msgid ""
"Override the login shell for all users. This option supersedes any other "
"shell options if it takes effect and can be set either in the [nss] section "
@@ -869,47 +922,47 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:611
+#: sssd.conf.5.xml:642
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:617
+#: sssd.conf.5.xml:648
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:620
+#: sssd.conf.5.xml:651
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:654
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:627
+#: sssd.conf.5.xml:658
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:632
+#: sssd.conf.5.xml:663
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:637
+#: sssd.conf.5.xml:668
msgid "The wildcard (*) can be used to allow any shell."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:640
+#: sssd.conf.5.xml:671
msgid ""
"The (*) is useful if you want to use shell_fallback in case that user's "
"shell is not in <quote>/etc/shells</quote> and maintaining list of all "
@@ -917,103 +970,103 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:647
+#: sssd.conf.5.xml:678
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:650
+#: sssd.conf.5.xml:681
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:654
+#: sssd.conf.5.xml:685
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:659
+#: sssd.conf.5.xml:690
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:662
+#: sssd.conf.5.xml:693
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:667
+#: sssd.conf.5.xml:698
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:670
+#: sssd.conf.5.xml:701
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:705
msgid "Default: /bin/sh"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:679
+#: sssd.conf.5.xml:710
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:682
+#: sssd.conf.5.xml:713
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option can be specified globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:719
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:695 sssd.conf.5.xml:881
+#: sssd.conf.5.xml:726 sssd.conf.5.xml:912
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:698 sssd.conf.5.xml:884
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:915
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:707
+#: sssd.conf.5.xml:738
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710
+#: sssd.conf.5.xml:741
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:714 sssd-ldap.5.xml:706
+#: sssd.conf.5.xml:745 sssd-ldap.5.xml:706
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:719 sssd-ifp.5.xml:74
+#: sssd.conf.5.xml:750 sssd-ifp.5.xml:74
msgid "user_attributes (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:722
+#: sssd.conf.5.xml:753
msgid ""
"Some of the additional NSS responder requests can return more attributes "
"than just the POSIX ones defined by the NSS interface. The list of "
@@ -1024,72 +1077,72 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:735
+#: sssd.conf.5.xml:766
msgid ""
"To make configuration more easy the NSS responder will check the InfoPipe "
"option if it is not set for the NSS responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:740
+#: sssd.conf.5.xml:771
msgid "Default: not set, fallback to InfoPipe option"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:747
+#: sssd.conf.5.xml:778
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:749
+#: sssd.conf.5.xml:780
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:785
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:757
+#: sssd.conf.5.xml:788
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:762 sssd.conf.5.xml:775
+#: sssd.conf.5.xml:793 sssd.conf.5.xml:806
msgid "Default: 0 (No limit)"
msgstr "По умолчанию: 0 (неограничено)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:768
+#: sssd.conf.5.xml:799
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:771
+#: sssd.conf.5.xml:802
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:781
+#: sssd.conf.5.xml:812
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:784
+#: sssd.conf.5.xml:815
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:789
+#: sssd.conf.5.xml:820
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -1097,59 +1150,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:795 sssd.conf.5.xml:848
+#: sssd.conf.5.xml:826 sssd.conf.5.xml:879
msgid "Default: 5"
msgstr "По умолчанию: 5"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:832
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:835
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:809
+#: sssd.conf.5.xml:840
msgid "Currently sssd supports the following values:"
msgstr "В настоящее время sssd поддерживает следующие значения:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:843
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:815
+#: sssd.conf.5.xml:846
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
+#: sssd.conf.5.xml:850
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:822
+#: sssd.conf.5.xml:853
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:826 sssd.8.xml:63
+#: sssd.conf.5.xml:857 sssd.8.xml:63
msgid "Default: 1"
msgstr "По умолчанию: 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:831
+#: sssd.conf.5.xml:862
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:865
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1157,7 +1210,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:840
+#: sssd.conf.5.xml:871
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1166,17 +1219,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:854
+#: sssd.conf.5.xml:885
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:857 sssd.conf.5.xml:1390
+#: sssd.conf.5.xml:888 sssd.conf.5.xml:1442
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:860
+#: sssd.conf.5.xml:891
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1184,31 +1237,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:866 sssd.conf.5.xml:1393
+#: sssd.conf.5.xml:897 sssd.conf.5.xml:1445
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:871
+#: sssd.conf.5.xml:902
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876 sssd.8.xml:79
+#: sssd.conf.5.xml:907 sssd.8.xml:79
msgid "Default: 0"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:893
+#: sssd.conf.5.xml:924
msgid "pam_trusted_users (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:896
+#: sssd.conf.5.xml:927
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAM responder. User names are resolved to UIDs at "
@@ -1216,59 +1269,75 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:902
+#: sssd.conf.5.xml:933
msgid "Default: all (All users are allowed to access the PAM responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:906
+#: sssd.conf.5.xml:937
msgid ""
"Please note that UID 0 is always allowed to access the PAM responder even in "
"case it is not in the pam_trusted_users list."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:913
+#: sssd.conf.5.xml:944
msgid "pam_public_domains (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:947
msgid ""
"Specifies the comma-separated list of domain names that are accessible even "
"to untrusted users."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:920
+#: sssd.conf.5.xml:951
msgid "Two special values for pam_public_domains option are defined:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:955
msgid ""
"all (Untrusted users are allowed to access all domains in PAM responder.)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:959
msgid ""
"none (Untrusted users are not allowed to access any domains PAM in "
"responder.)"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:932 sssd.conf.5.xml:1192 sssd-ldap.5.xml:1753
-msgid "Default: none"
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:968
+msgid "pam_account_expired_message (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:971
+msgid ""
+"If user is authenticating using SSH keys and account is expired then by "
+"default 'Permission denied' is output. This output will be changed to "
+"content of this variable if it is set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:980
+#, no-wrap
+msgid ""
+"pam_account_expired_message = Account expired, please call help desk.\n"
+" "
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:941
+#: sssd.conf.5.xml:993
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:943
+#: sssd.conf.5.xml:995
msgid ""
"These options can be used to configure the sudo service. The detailed "
"instructions for configuration of <citerefentry> <refentrytitle>sudo</"
@@ -1279,34 +1348,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:1012
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:1015
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1028
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:978
+#: sssd.conf.5.xml:1030
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1034
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:985
+#: sssd.conf.5.xml:1037
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1314,51 +1383,51 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1001
+#: sssd.conf.5.xml:1053
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1003
+#: sssd.conf.5.xml:1055
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1007
+#: sssd.conf.5.xml:1059
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1010
+#: sssd.conf.5.xml:1062
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1019
+#: sssd.conf.5.xml:1071
msgid "ssh_known_hosts_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1022
+#: sssd.conf.5.xml:1074
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1026
+#: sssd.conf.5.xml:1078
msgid "Default: 180"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1086
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1036
+#: sssd.conf.5.xml:1088
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1370,7 +1439,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1045
+#: sssd.conf.5.xml:1097
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"determined with the help of the SID, trusted domains will have UPGs and the "
@@ -1381,24 +1450,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1053
+#: sssd.conf.5.xml:1105
msgid ""
"If there are SIDs of groups from domains sssd knows about, the user will be "
"added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1111
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1063 sssd-ifp.5.xml:50
+#: sssd.conf.5.xml:1115 sssd-ifp.5.xml:50
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1066
+#: sssd.conf.5.xml:1118
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1406,12 +1475,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1072
+#: sssd.conf.5.xml:1124
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1076
+#: sssd.conf.5.xml:1128
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1420,24 +1489,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1142
msgid "DOMAIN SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1149
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1100
+#: sssd.conf.5.xml:1152
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:1157
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1446,47 +1515,47 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1112
+#: sssd.conf.5.xml:1164
msgid ""
"These ID limits affect even saving entries to cache, not only returning them "
"by name or ID."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1116
+#: sssd.conf.5.xml:1168
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1122
+#: sssd.conf.5.xml:1174
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1125
+#: sssd.conf.5.xml:1177
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1181
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1132
+#: sssd.conf.5.xml:1184
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1135 sssd.conf.5.xml:1367 sssd.conf.5.xml:1476
-#: sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1187 sssd.conf.5.xml:1419 sssd.conf.5.xml:1528
+#: sssd.conf.5.xml:1545
msgid "Default: FALSE"
msgstr "По умолчанию: FALSE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138
+#: sssd.conf.5.xml:1190
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1498,14 +1567,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1151
+#: sssd.conf.5.xml:1203
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1156
+#: sssd.conf.5.xml:1208
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1514,39 +1583,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1164
+#: sssd.conf.5.xml:1216
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1172
+#: sssd.conf.5.xml:1224
msgid "subdomain_enumerate (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1179
+#: sssd.conf.5.xml:1231
msgid "all"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1180
+#: sssd.conf.5.xml:1232
msgid "All discovered trusted domains will be enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1183
+#: sssd.conf.5.xml:1235
msgid "none"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:1236
msgid "No discovered trusted domains will be enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1175
+#: sssd.conf.5.xml:1227
msgid ""
"Whether any of autodetected trusted domains should be enumerated. The "
"supported values are: <placeholder type=\"variablelist\" id=\"0\"/> "
@@ -1555,19 +1624,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1215
+#: sssd.conf.5.xml:1267
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1218
+#: sssd.conf.5.xml:1270
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1222
+#: sssd.conf.5.xml:1274
msgid ""
"The cache expiration timestamps are stored as attributes of individual "
"objects in the cache. Therefore, changing the cache timeout only has effect "
@@ -1578,150 +1647,151 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1235
+#: sssd.conf.5.xml:1287
msgid "Default: 5400"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1241
+#: sssd.conf.5.xml:1293
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1244
+#: sssd.conf.5.xml:1296
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248 sssd.conf.5.xml:1261 sssd.conf.5.xml:1274
-#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1300 sssd.conf.5.xml:1314
-#: sssd.conf.5.xml:1328
+#: sssd.conf.5.xml:1300 sssd.conf.5.xml:1313 sssd.conf.5.xml:1326
+#: sssd.conf.5.xml:1339 sssd.conf.5.xml:1352 sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1380
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1306
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1257
+#: sssd.conf.5.xml:1309
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1267
+#: sssd.conf.5.xml:1319
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1270
+#: sssd.conf.5.xml:1322
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1280
+#: sssd.conf.5.xml:1332
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1335
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1345
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1348
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1358
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1309
+#: sssd.conf.5.xml:1361
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1320
+#: sssd.conf.5.xml:1372
msgid "entry_cache_ssh_host_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1375
msgid ""
"How many seconds to keep a host ssh key after refresh. IE how long to cache "
"the host key for."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1334
+#: sssd.conf.5.xml:1386
msgid "refresh_expired_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1337
+#: sssd.conf.5.xml:1389
msgid ""
"Specifies how many seconds SSSD has to wait before triggering a background "
"refresh task which will refresh all expired or nearly expired records."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1342
-msgid "Currently only refreshing expired netgroups is supported."
+#: sssd.conf.5.xml:1394
+msgid ""
+"The background refresh will process users, groups and netgroups in the cache."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1398
msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350 sssd-ipa.5.xml:224
+#: sssd.conf.5.xml:1402 sssd-ipa.5.xml:224
msgid "Default: 0 (disabled)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1356
+#: sssd.conf.5.xml:1408
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1411
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1363
+#: sssd.conf.5.xml:1415
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1372
+#: sssd.conf.5.xml:1424
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1427
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1730,17 +1800,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1382
+#: sssd.conf.5.xml:1434
msgid "Default: 0 (unlimited)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1387
+#: sssd.conf.5.xml:1439
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1398
+#: sssd.conf.5.xml:1450
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1749,33 +1819,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1405
+#: sssd.conf.5.xml:1457
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1411
+#: sssd.conf.5.xml:1463
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1414
+#: sssd.conf.5.xml:1466
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1418
+#: sssd.conf.5.xml:1470
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1421 sssd.conf.5.xml:1539
+#: sssd.conf.5.xml:1473 sssd.conf.5.xml:1591
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1425
+#: sssd.conf.5.xml:1477
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1783,8 +1853,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433 sssd.conf.5.xml:1519 sssd.conf.5.xml:1574
-#: sssd.conf.5.xml:1627
+#: sssd.conf.5.xml:1485 sssd.conf.5.xml:1571 sssd.conf.5.xml:1626
+#: sssd.conf.5.xml:1679
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1793,8 +1863,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1442 sssd.conf.5.xml:1528 sssd.conf.5.xml:1583
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1494 sssd.conf.5.xml:1580 sssd.conf.5.xml:1635
+#: sssd.conf.5.xml:1688
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1802,19 +1872,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1505
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1508
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1461
+#: sssd.conf.5.xml:1513
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1823,7 +1893,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1521
msgid ""
"NOTE: This option has no effect on netgroup lookups due to their tendency to "
"include nested netgroups without qualified names. For netgroups, all domains "
@@ -1831,17 +1901,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1533
msgid "ignore_group_members (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1536
msgid "Do not return group members for group lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1487
+#: sssd.conf.5.xml:1539
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1849,19 +1919,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1550
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1501
+#: sssd.conf.5.xml:1553
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505 sssd.conf.5.xml:1567
+#: sssd.conf.5.xml:1557 sssd.conf.5.xml:1619
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1869,7 +1939,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1512
+#: sssd.conf.5.xml:1564
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1877,30 +1947,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1588
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1595
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1546
+#: sssd.conf.5.xml:1598
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1604
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1607
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1908,19 +1978,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1613
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1616
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1591
+#: sssd.conf.5.xml:1643
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1929,24 +1999,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1650
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1603
+#: sssd.conf.5.xml:1655
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1606
+#: sssd.conf.5.xml:1658
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1611
+#: sssd.conf.5.xml:1663
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1954,7 +2024,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1671
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1962,35 +2032,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1696
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1700
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1651
+#: sssd.conf.5.xml:1703
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1710
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1661
+#: sssd.conf.5.xml:1713
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1665
+#: sssd.conf.5.xml:1717
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1998,32 +2068,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1725
msgid ""
"<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default "
"settings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1729
msgid ""
"<quote>ad</quote> the same as <quote>ldap</quote> but with AD default "
"settings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1681
+#: sssd.conf.5.xml:1733
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1684 sssd.conf.5.xml:1762 sssd.conf.5.xml:1794
-#: sssd.conf.5.xml:1819
+#: sssd.conf.5.xml:1736 sssd.conf.5.xml:1814 sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1871
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1688
+#: sssd.conf.5.xml:1740
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -2034,12 +2104,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1757
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1760
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -2047,7 +2117,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1714
+#: sssd.conf.5.xml:1766
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2055,31 +2125,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1722
+#: sssd.conf.5.xml:1774
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1725
+#: sssd.conf.5.xml:1777
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1731
+#: sssd.conf.5.xml:1783
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1734
+#: sssd.conf.5.xml:1786
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740
+#: sssd.conf.5.xml:1792
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2087,7 +2157,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1749
+#: sssd.conf.5.xml:1801
msgid ""
"<quote>ad</quote> to load a list of subdomains from an Active Directory "
"server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> "
@@ -2096,23 +2166,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1810
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1769
+#: sssd.conf.5.xml:1821
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1772
+#: sssd.conf.5.xml:1824
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1828
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2120,7 +2190,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1783
+#: sssd.conf.5.xml:1835
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2128,24 +2198,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1843
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1853
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1804
+#: sssd.conf.5.xml:1856
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1808
+#: sssd.conf.5.xml:1860
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2153,12 +2223,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1816
+#: sssd.conf.5.xml:1868
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1829
+#: sssd.conf.5.xml:1881
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components. The \"domain\" can "
@@ -2168,7 +2238,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1838
+#: sssd.conf.5.xml:1890
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -2177,29 +2247,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1843
+#: sssd.conf.5.xml:1895
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1898
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1849
+#: sssd.conf.5.xml:1901
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1852
+#: sssd.conf.5.xml:1904
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1857
+#: sssd.conf.5.xml:1909
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -2207,7 +2277,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1863
+#: sssd.conf.5.xml:1915
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -2215,66 +2285,66 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1870
+#: sssd.conf.5.xml:1922
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1917
+#: sssd.conf.5.xml:1969
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "По умолчанию: <quote>%1$s@%2$s</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1923
+#: sssd.conf.5.xml:1975
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1926
+#: sssd.conf.5.xml:1978
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1930
+#: sssd.conf.5.xml:1982
msgid "Supported values:"
msgstr "Поддерживаемые значения:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1933
+#: sssd.conf.5.xml:1985
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1936
+#: sssd.conf.5.xml:1988
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1939
+#: sssd.conf.5.xml:1991
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1942
+#: sssd.conf.5.xml:1994
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1945
+#: sssd.conf.5.xml:1997
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1951
+#: sssd.conf.5.xml:2003
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1954
+#: sssd.conf.5.xml:2006
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -2282,70 +2352,70 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1960 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
-#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:239
+#: sssd.conf.5.xml:2012 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
+#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:248
msgid "Default: 6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1966
+#: sssd.conf.5.xml:2018
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1969
+#: sssd.conf.5.xml:2021
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1973
+#: sssd.conf.5.xml:2025
msgid "Default: Use the domain part of machine's hostname"
msgstr "По умолчанию: использовать доменное имя из hostname"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1979
+#: sssd.conf.5.xml:2031
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1982
+#: sssd.conf.5.xml:2034
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1988
+#: sssd.conf.5.xml:2040
msgid "case_sensitive (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1996
+#: sssd.conf.5.xml:2048
msgid "True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1999
+#: sssd.conf.5.xml:2051
msgid "Case sensitive. This value is invalid for AD provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2005
+#: sssd.conf.5.xml:2057
msgid "False"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2007
+#: sssd.conf.5.xml:2059
msgid "Case insensitive."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2011
+#: sssd.conf.5.xml:2063
msgid "Preserving"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2014
+#: sssd.conf.5.xml:2066
msgid ""
"Same as False (case insensitive), but does not lowercase names in the result "
"of NSS operations. Note that name aliases (and in case of services also "
@@ -2353,7 +2423,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1991
+#: sssd.conf.5.xml:2043
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider. Possible option values are: "
@@ -2361,17 +2431,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2026
+#: sssd.conf.5.xml:2078
msgid "Default: True (False for AD provider)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2032
+#: sssd.conf.5.xml:2084
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2035
+#: sssd.conf.5.xml:2087
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2380,22 +2450,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2049
+#: sssd.conf.5.xml:2101
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2060
+#: sssd.conf.5.xml:2112
msgid "%F"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2061
+#: sssd.conf.5.xml:2113
msgid "flat (NetBIOS) name of a subdomain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2052
+#: sssd.conf.5.xml:2104
msgid ""
"Use this homedir as default value for all subdomains within this domain in "
"IPA AD trust. See <emphasis>override_homedir</emphasis> for info about "
@@ -2405,29 +2475,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2066
+#: sssd.conf.5.xml:2118
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2070
+#: sssd.conf.5.xml:2122
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2075
+#: sssd.conf.5.xml:2127
msgid "realmd_tags (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2078
+#: sssd.conf.5.xml:2130
msgid ""
"Various tags stored by the realmd configuration service for this domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1092
+#: sssd.conf.5.xml:1144
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2435,29 +2505,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2091
+#: sssd.conf.5.xml:2143
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2094
+#: sssd.conf.5.xml:2146
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2097
+#: sssd.conf.5.xml:2149
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2105
+#: sssd.conf.5.xml:2157
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2108
+#: sssd.conf.5.xml:2160
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2465,19 +2535,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2087
+#: sssd.conf.5.xml:2139
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:2120
+#: sssd.conf.5.xml:2172
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:2122
+#: sssd.conf.5.xml:2174
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2485,73 +2555,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2129
+#: sssd.conf.5.xml:2181
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2132
+#: sssd.conf.5.xml:2184
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2136
+#: sssd.conf.5.xml:2188
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2141
+#: sssd.conf.5.xml:2193
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2144
+#: sssd.conf.5.xml:2196
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2149
+#: sssd.conf.5.xml:2201
msgid "Default: <filename>/home</filename>"
msgstr "По умолчанию: <filename>/home</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2154
+#: sssd.conf.5.xml:2206
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2157
+#: sssd.conf.5.xml:2209
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2173
+#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2225
msgid "Default: TRUE"
msgstr "По умолчанию: TRUE"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2166
+#: sssd.conf.5.xml:2218
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2169
+#: sssd.conf.5.xml:2221
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2178
+#: sssd.conf.5.xml:2230
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2181
+#: sssd.conf.5.xml:2233
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2559,17 +2629,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2189
+#: sssd.conf.5.xml:2241
msgid "Default: 077"
msgstr "По умолчанию: 077"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2194
+#: sssd.conf.5.xml:2246
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2197
+#: sssd.conf.5.xml:2249
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2578,17 +2648,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2207
+#: sssd.conf.5.xml:2259
msgid "Default: <filename>/etc/skel</filename>"
msgstr "По умолчанию: <filename>/etc/skel</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2212
+#: sssd.conf.5.xml:2264
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2215
+#: sssd.conf.5.xml:2267
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2596,17 +2666,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2222
+#: sssd.conf.5.xml:2274
msgid "Default: <filename>/var/mail</filename>"
msgstr "По умолчанию: <filename>/var/mail</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2227
+#: sssd.conf.5.xml:2279
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2230
+#: sssd.conf.5.xml:2282
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2614,19 +2684,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2236
+#: sssd.conf.5.xml:2288
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:2246 sssd-ldap.5.xml:2518 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:519
+#: sssd.conf.5.xml:2298 sssd-ldap.5.xml:2569 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:564
#: sss_rpcidmapd.5.xml:98
msgid "EXAMPLE"
msgstr "ПРИМЕР"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:2252
+#: sssd.conf.5.xml:2304
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2656,7 +2726,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2248
+#: sssd.conf.5.xml:2300
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -3495,7 +3565,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:738 sssd-ldap.5.xml:831 sssd-ldap.5.xml:1058
-#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2102 sssd-ldap.5.xml:2441
+#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2153 sssd-ldap.5.xml:2492
#: sssd-ipa.5.xml:591
msgid "Default: cn"
msgstr ""
@@ -3776,11 +3846,6 @@ msgid ""
"dealing with complex or deep nested groups)."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1017
-msgid "ldap_use_tokengroups"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1020
msgid ""
@@ -4015,7 +4080,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2259
+#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2310
msgid "Default: 900 (15 minutes)"
msgstr ""
@@ -4466,7 +4531,7 @@ msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:453
+#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:462
msgid "krb5_canonicalize (boolean)"
msgstr ""
@@ -4478,12 +4543,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:468
+#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:477
msgid "krb5_use_kdcinfo (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:471
+#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:480
msgid ""
"Specifies if the SSSD should instruct the Kerberos libraries what realm and "
"which KDCs to use. This option is on by default, if you disable it, you need "
@@ -4493,7 +4558,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:482
+#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:491
msgid ""
"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
@@ -4761,40 +4826,93 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1958
+msgid ""
+"<emphasis> Please note that this option is superseded by the <quote>ppolicy</"
+"quote> option and might be removed in a future release. </emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1965
+msgid ""
+"<emphasis>ppolicy</emphasis>: use account locking. If set, this option "
+"denies access in case that ldap attribute 'pwdAccountLockedTime' is present "
+"and has value of '000001010000Z' or represents any time in the past. The "
+"value of the 'pwdAccountLockedTime' attribute must end with 'Z', which "
+"denotes the UTC time zone. Other time zones are not currently supported and "
+"will result in \"access-denied\" when users attempt to log in. Please see "
+"the option ldap_pwdlockout_dn. Please note that 'access_provider = ldap' "
+"must be set for this feature to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1982
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1962
+#: sssd-ldap.5.xml:1986
+msgid ""
+"<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, "
+"pwd_expire_policy_renew: </emphasis> These options are useful if users are "
+"interested in being warned that password is about to expire and "
+"authentication is based on using a different method than passwords - for "
+"example SSH keys."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1996
+msgid ""
+"The difference between these options is the action taken if user password is "
+"expired: pwd_expire_policy_reject - user is denied to log in, "
+"pwd_expire_policy_warn - user is still able to log in, "
+"pwd_expire_policy_renew - user is prompted to change his password "
+"immediately."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2004
+msgid ""
+"Note If user password is expired no explicit message is prompted by SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2008
+msgid ""
+"Please note that 'access_provider = ldap' must be set for this feature to "
+"work. Also 'ldap_pwd_policy' must be set to an appropriate password policy."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2013
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2018
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1971
+#: sssd-ldap.5.xml:2022
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1974
+#: sssd-ldap.5.xml:2025
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1981
+#: sssd-ldap.5.xml:2032
msgid "ldap_pwdlockout_dn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2035
msgid ""
"This option specifies the DN of password policy entry on LDAP server. Please "
"note that absence of this option in sssd.conf in case of enabled account "
@@ -4803,74 +4921,74 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1992
+#: sssd-ldap.5.xml:2043
msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1995
+#: sssd-ldap.5.xml:2046
msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2001
+#: sssd-ldap.5.xml:2052
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2004
+#: sssd-ldap.5.xml:2055
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2009
+#: sssd-ldap.5.xml:2060
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013
+#: sssd-ldap.5.xml:2064
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018
+#: sssd-ldap.5.xml:2069
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2023
+#: sssd-ldap.5.xml:2074
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2028
+#: sssd-ldap.5.xml:2079
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2036
+#: sssd-ldap.5.xml:2087
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2039
+#: sssd-ldap.5.xml:2090
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2094
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -4881,7 +4999,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2054
+#: sssd-ldap.5.xml:2105
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -4899,12 +5017,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2070
+#: sssd-ldap.5.xml:2121
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2123
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -4912,208 +5030,208 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2083
+#: sssd-ldap.5.xml:2134
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2086
+#: sssd-ldap.5.xml:2137
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2089
+#: sssd-ldap.5.xml:2140
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2095
+#: sssd-ldap.5.xml:2146
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2098
+#: sssd-ldap.5.xml:2149
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2108
+#: sssd-ldap.5.xml:2159
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2111
+#: sssd-ldap.5.xml:2162
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2166
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2172
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2124
+#: sssd-ldap.5.xml:2175
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2129
+#: sssd-ldap.5.xml:2180
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2186
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2138
+#: sssd-ldap.5.xml:2189
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2193
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2148
+#: sssd-ldap.5.xml:2199
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2202
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2155
+#: sssd-ldap.5.xml:2206
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2161
+#: sssd-ldap.5.xml:2212
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2215
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2168
+#: sssd-ldap.5.xml:2219
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2174
+#: sssd-ldap.5.xml:2225
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2228
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2181
+#: sssd-ldap.5.xml:2232
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2187
+#: sssd-ldap.5.xml:2238
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2241
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194
+#: sssd-ldap.5.xml:2245
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2200
+#: sssd-ldap.5.xml:2251
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2203
+#: sssd-ldap.5.xml:2254
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2259
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2214
+#: sssd-ldap.5.xml:2265
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2217
+#: sssd-ldap.5.xml:2268
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2221
+#: sssd-ldap.5.xml:2272
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2227
+#: sssd-ldap.5.xml:2278
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2230
+#: sssd-ldap.5.xml:2281
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2235
+#: sssd-ldap.5.xml:2286
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2240
+#: sssd-ldap.5.xml:2291
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2246
+#: sssd-ldap.5.xml:2297
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2249
+#: sssd-ldap.5.xml:2300
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -5121,101 +5239,101 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2255
+#: sssd-ldap.5.xml:2306
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2265
+#: sssd-ldap.5.xml:2316
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2268
+#: sssd-ldap.5.xml:2319
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2279
+#: sssd-ldap.5.xml:2330
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2333
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2287
+#: sssd-ldap.5.xml:2338
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2292 sssd-ldap.5.xml:2315 sssd-ldap.5.xml:2333
-#: sssd-ldap.5.xml:2351
+#: sssd-ldap.5.xml:2343 sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2402
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2320
+#: sssd-ldap.5.xml:2348 sssd-ldap.5.xml:2371
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2303
+#: sssd-ldap.5.xml:2354
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2306
+#: sssd-ldap.5.xml:2357
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2311
+#: sssd-ldap.5.xml:2362
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2326
+#: sssd-ldap.5.xml:2377
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2329
+#: sssd-ldap.5.xml:2380
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2344
+#: sssd-ldap.5.xml:2395
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2347
+#: sssd-ldap.5.xml:2398
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2363
+#: sssd-ldap.5.xml:2414
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -5224,91 +5342,91 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2373
+#: sssd-ldap.5.xml:2424
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2375
+#: sssd-ldap.5.xml:2426
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2381
+#: sssd-ldap.5.xml:2432
msgid "ldap_autofs_map_master_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2435
msgid "The name of the automount master map in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2387
+#: sssd-ldap.5.xml:2438
msgid "Default: auto.master"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2394
+#: sssd-ldap.5.xml:2445
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2397 sssd-ldap.5.xml:2423
+#: sssd-ldap.5.xml:2448 sssd-ldap.5.xml:2474
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2400 sssd-ldap.5.xml:2427
+#: sssd-ldap.5.xml:2451 sssd-ldap.5.xml:2478
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2407
+#: sssd-ldap.5.xml:2458
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2410
+#: sssd-ldap.5.xml:2461
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2413
+#: sssd-ldap.5.xml:2464
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2420
+#: sssd-ldap.5.xml:2471
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2434
+#: sssd-ldap.5.xml:2485
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2437 sssd-ldap.5.xml:2451
+#: sssd-ldap.5.xml:2488 sssd-ldap.5.xml:2502
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2448
+#: sssd-ldap.5.xml:2499
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2455
+#: sssd-ldap.5.xml:2506
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2379
+#: sssd-ldap.5.xml:2430
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -5317,32 +5435,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2465
+#: sssd-ldap.5.xml:2516
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2472
+#: sssd-ldap.5.xml:2523
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2477
+#: sssd-ldap.5.xml:2528
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2482
+#: sssd-ldap.5.xml:2533
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note>
-#: sssd-ldap.5.xml:2487
+#: sssd-ldap.5.xml:2538
msgid "<note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para>
-#: sssd-ldap.5.xml:2489
+#: sssd-ldap.5.xml:2540
msgid ""
"If the option <quote>ldap_use_tokengroups</quote> is enabled. The searches "
"against Active Directory will not be restricted and return all groups "
@@ -5351,22 +5469,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist>
-#: sssd-ldap.5.xml:2496
+#: sssd-ldap.5.xml:2547
msgid "</note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2498
+#: sssd-ldap.5.xml:2549
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2503
+#: sssd-ldap.5.xml:2554
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2467
+#: sssd-ldap.5.xml:2518
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -5375,7 +5493,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2520
+#: sssd-ldap.5.xml:2571
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -5383,7 +5501,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2526
+#: sssd-ldap.5.xml:2577
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5396,26 +5514,26 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2525 sssd-ldap.5.xml:2543 sssd-simple.5.xml:139
+#: sssd-ldap.5.xml:2576 sssd-ldap.5.xml:2594 sssd-simple.5.xml:139
#: sssd-ipa.5.xml:726 sssd-ad.5.xml:851 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98
-#: sssd-krb5.5.xml:528 include/ldap_id_mapping.xml:105
+#: sssd-krb5.5.xml:573 include/ldap_id_mapping.xml:105
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2537
+#: sssd-ldap.5.xml:2588
msgid "LDAP ACCESS FILTER EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2539
+#: sssd-ldap.5.xml:2590
msgid ""
"The following example assumes that SSSD is correctly configured and to use "
"the ldap_access_order=lockout."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2544
+#: sssd-ldap.5.xml:2595
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5431,13 +5549,13 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2559 sssd_krb5_locator_plugin.8.xml:61
+#: sssd-ldap.5.xml:2610 sssd_krb5_locator_plugin.8.xml:61
#: sssd-simple.5.xml:148 sssd-ad.5.xml:866 sssd.8.xml:195 sss_seed.8.xml:163
msgid "NOTES"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2561
+#: sssd-ldap.5.xml:2612
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -6197,7 +6315,7 @@ msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:245
+#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:254
msgid "krb5_validate (boolean)"
msgstr ""
@@ -6238,12 +6356,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:407
+#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:416
msgid "krb5_use_fast (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:410
+#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:419
msgid ""
"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
"authentication. The following options are supported:"
@@ -6263,7 +6381,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:424
+#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:433
msgid ""
"<emphasis>demand</emphasis> to use FAST. The authentication fails if the "
"server does not require fast."
@@ -6275,7 +6393,7 @@ msgid "Default: try"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:435
+#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:444
msgid ""
"NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If "
"SSSD is used with an older version of MIT Kerberos, using this option is a "
@@ -7359,12 +7477,12 @@ msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:797 sssd-krb5.5.xml:496
+#: sssd-ad.5.xml:797 sssd-krb5.5.xml:505
msgid "krb5_use_enterprise_principal (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:800 sssd-krb5.5.xml:499
+#: sssd-ad.5.xml:800 sssd-krb5.5.xml:508
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
@@ -8307,16 +8425,24 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:225
+msgid ""
+"NOTE: Please be aware that libkrb5 ccache expansion template from "
+"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> uses different expansion sequences than SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:234
msgid "Default: (from libkrb5)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:231
+#: sssd-krb5.5.xml:240
msgid "krb5_auth_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:234
+#: sssd-krb5.5.xml:243
msgid ""
"Timeout in seconds after an online authentication request or change password "
"request is aborted. If possible, the authentication request is continued "
@@ -8324,7 +8450,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:248
+#: sssd-krb5.5.xml:257
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed. The keytab is checked for entries sequentially, and the first entry "
@@ -8335,36 +8461,36 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:263
+#: sssd-krb5.5.xml:272
msgid "krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:275
msgid ""
"The location of the keytab to use when validating credentials obtained from "
"KDCs."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:270
+#: sssd-krb5.5.xml:279
msgid "Default: /etc/krb5.keytab"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:276
+#: sssd-krb5.5.xml:285
msgid "krb5_store_password_if_offline (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:279
+#: sssd-krb5.5.xml:288
msgid ""
"Store the password of the user if the provider is offline and use it to "
"request a TGT when the provider comes online again."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:284
+#: sssd-krb5.5.xml:293
msgid ""
"NOTE: this feature is only available on Linux. Passwords stored in this way "
"are kept in plaintext in the kernel keyring and are potentially accessible "
@@ -8372,91 +8498,91 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:297
+#: sssd-krb5.5.xml:306
msgid "krb5_renewable_lifetime (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:300
+#: sssd-krb5.5.xml:309
msgid ""
"Request a renewable ticket with a total lifetime, given as an integer "
"immediately followed by a time unit:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:305 sssd-krb5.5.xml:339 sssd-krb5.5.xml:376
+#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
msgid "<emphasis>s</emphasis> for seconds"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:308 sssd-krb5.5.xml:342 sssd-krb5.5.xml:379
+#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:351 sssd-krb5.5.xml:388
msgid "<emphasis>m</emphasis> for minutes"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:311 sssd-krb5.5.xml:345 sssd-krb5.5.xml:382
+#: sssd-krb5.5.xml:320 sssd-krb5.5.xml:354 sssd-krb5.5.xml:391
msgid "<emphasis>h</emphasis> for hours"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
+#: sssd-krb5.5.xml:323 sssd-krb5.5.xml:357 sssd-krb5.5.xml:394
msgid "<emphasis>d</emphasis> for days."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:388
+#: sssd-krb5.5.xml:326 sssd-krb5.5.xml:397
msgid "If there is no unit given, <emphasis>s</emphasis> is assumed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:321 sssd-krb5.5.xml:392
+#: sssd-krb5.5.xml:330 sssd-krb5.5.xml:401
msgid ""
"NOTE: It is not possible to mix units. To set the renewable lifetime to one "
"and a half hours, use '90m' instead of '1h30m'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:326
+#: sssd-krb5.5.xml:335
msgid "Default: not set, i.e. the TGT is not renewable"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:332
+#: sssd-krb5.5.xml:341
msgid "krb5_lifetime (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:335
+#: sssd-krb5.5.xml:344
msgid ""
"Request ticket with a lifetime, given as an integer immediately followed by "
"a time unit:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:351
+#: sssd-krb5.5.xml:360
msgid "If there is no unit given <emphasis>s</emphasis> is assumed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:355
+#: sssd-krb5.5.xml:364
msgid ""
"NOTE: It is not possible to mix units. To set the lifetime to one and a "
"half hours please use '90m' instead of '1h30m'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:360
+#: sssd-krb5.5.xml:369
msgid ""
"Default: not set, i.e. the default ticket lifetime configured on the KDC."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:367
+#: sssd-krb5.5.xml:376
msgid "krb5_renew_interval (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:370
+#: sssd-krb5.5.xml:379
msgid ""
"The time in seconds between two checks if the TGT should be renewed. TGTs "
"are renewed if about half of their lifetime is exceeded, given as an integer "
@@ -8464,56 +8590,89 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:397
+#: sssd-krb5.5.xml:406
msgid "If this option is not set or is 0 the automatic renewal is disabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:415
+#: sssd-krb5.5.xml:424
msgid ""
"<emphasis>never</emphasis> use FAST. This is equivalent to not setting this "
"option at all."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:419
+#: sssd-krb5.5.xml:428
msgid ""
"<emphasis>try</emphasis> to use FAST. If the server does not support FAST, "
"continue the authentication without it."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:429
+#: sssd-krb5.5.xml:438
msgid "Default: not set, i.e. FAST is not used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:432
+#: sssd-krb5.5.xml:441
msgid "NOTE: a keytab is required to use FAST."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:444
+#: sssd-krb5.5.xml:453
msgid "krb5_fast_principal (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:447
+#: sssd-krb5.5.xml:456
msgid "Specifies the server principal to use for FAST."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:456
+#: sssd-krb5.5.xml:465
msgid ""
"Specifies if the host and user principal should be canonicalized. This "
"feature is available with MIT Kerberos 1.7 and later versions."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:505
+#: sssd-krb5.5.xml:514
msgid "Default: false (AD provider: true)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:520
+msgid "krb5_map_user (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:523
+msgid ""
+"The list of mappings is given as a comma-separated list of pairs "
+"<quote>username:primary</quote> where <quote>username</quote> is a UNIX user "
+"name and <quote>primary</quote> is a user part of a kerberos principal. This "
+"mapping is used when user is authenticating using <quote>auth_provider = "
+"krb5</quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-krb5.5.xml:535
+#, no-wrap
+msgid ""
+"krb5_realm = REALM\n"
+"krb5_map_user = joe:juser,dick:richard\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:540
+msgid ""
+"<quote>joe</quote> and <quote>dick</quote> are UNIX user names and "
+"<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos "
+"principals. For user <quote>joe</quote> resp. <quote>dick</quote> SSSD will "
+"try to kinit as <quote>juser@REALM</quote> resp. <quote>richard@REALM</"
+"quote>."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:65
msgid ""
@@ -8525,7 +8684,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:521
+#: sssd-krb5.5.xml:566
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -8534,7 +8693,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:529
+#: sssd-krb5.5.xml:574
#, no-wrap
msgid ""
" [domain/FOO]\n"
diff --git a/src/man/po/sssd-docs.pot b/src/man/po/sssd-docs.pot
index a9da36d43..7fbf47480 100644
--- a/src/man/po/sssd-docs.pot
+++ b/src/man/po/sssd-docs.pot
@@ -6,9 +6,9 @@
#, fuzzy
msgid ""
msgstr ""
-"Project-Id-Version: sssd-docs 1.12.4\n"
+"Project-Id-Version: sssd-docs 1.12.5\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2015-02-18 16:52+0100\n"
+"POT-Creation-Date: 2015-06-12 10:36+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -199,7 +199,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:81 sssd.conf.5.xml:571 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1625 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1784 sssd-ldap.5.xml:2273 sssd-ldap.5.xml:2338 sssd-ldap.5.xml:2356 sssd-ipa.5.xml:378 sssd-ipa.5.xml:413 sssd-ad.5.xml:166 sssd-ad.5.xml:264 sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:490
+#: sssd.conf.5.xml:81 sssd.conf.5.xml:602 sssd.conf.5.xml:1066 sssd-ldap.5.xml:1625 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1784 sssd-ldap.5.xml:2324 sssd-ldap.5.xml:2389 sssd-ldap.5.xml:2407 sssd-ipa.5.xml:378 sssd-ipa.5.xml:413 sssd-ad.5.xml:166 sssd-ad.5.xml:264 sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:499
msgid "Default: true"
msgstr ""
@@ -216,12 +216,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:94 sssd.conf.5.xml:968 sssd.conf.5.xml:2043 sssd-ldap.5.xml:692 sssd-ldap.5.xml:1499 sssd-ldap.5.xml:1518 sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2060 sssd-ipa.5.xml:139 sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:257 sssd-krb5.5.xml:291 sssd-krb5.5.xml:462
+#: sssd.conf.5.xml:94 sssd.conf.5.xml:1020 sssd.conf.5.xml:2095 sssd-ldap.5.xml:692 sssd-ldap.5.xml:1499 sssd-ldap.5.xml:1518 sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2111 sssd-ipa.5.xml:139 sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 sssd-krb5.5.xml:471
msgid "Default: false"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2081
+#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2132
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
@@ -258,7 +258,7 @@ msgid "The [sssd] section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:137 sssd.conf.5.xml:2127
+#: sssd.conf.5.xml:137 sssd.conf.5.xml:2179
msgid "Section parameters"
msgstr ""
@@ -327,7 +327,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:193 sssd.conf.5.xml:1826
+#: sssd.conf.5.xml:193 sssd.conf.5.xml:1878
msgid "re_expression (string)"
msgstr ""
@@ -347,12 +347,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:210 sssd.conf.5.xml:1877
+#: sssd.conf.5.xml:210 sssd.conf.5.xml:1929
msgid "full_name_format (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:213 sssd.conf.5.xml:1880
+#: sssd.conf.5.xml:213 sssd.conf.5.xml:1932
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> "
"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
@@ -361,39 +361,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:224 sssd.conf.5.xml:1891
+#: sssd.conf.5.xml:224 sssd.conf.5.xml:1943
msgid "%1$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225 sssd.conf.5.xml:1892
+#: sssd.conf.5.xml:225 sssd.conf.5.xml:1944
msgid "user name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:228 sssd.conf.5.xml:1895
+#: sssd.conf.5.xml:228 sssd.conf.5.xml:1947
msgid "%2$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:231 sssd.conf.5.xml:1898
+#: sssd.conf.5.xml:231 sssd.conf.5.xml:1950
msgid "domain name as specified in the SSSD config file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:237 sssd.conf.5.xml:1904
+#: sssd.conf.5.xml:237 sssd.conf.5.xml:1956
msgid "%3$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:240 sssd.conf.5.xml:1907
+#: sssd.conf.5.xml:240 sssd.conf.5.xml:1959
msgid ""
"domain flat name. Mostly usable for Active Directory domains, both directly "
"configured or discovered via IPA trusts."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221 sssd.conf.5.xml:1888
+#: sssd.conf.5.xml:221 sssd.conf.5.xml:1940
msgid ""
"The following expansions are supported: <placeholder type=\"variablelist\" "
"id=\"0\"/>"
@@ -508,7 +508,7 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:336 sssd-ldap.5.xml:663 sssd-ldap.5.xml:1458 sssd-ldap.5.xml:1470 sssd-ldap.5.xml:1552 sssd-ad.5.xml:557 sssd-ad.5.xml:627 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214
+#: sssd.conf.5.xml:336 sssd-ldap.5.xml:663 sssd-ldap.5.xml:1458 sssd-ldap.5.xml:1470 sssd-ldap.5.xml:1552 sssd-ad.5.xml:557 sssd-ad.5.xml:627 sssd-krb5.5.xml:410 sssd-krb5.5.xml:550 include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214
msgid "Default: not set"
msgstr ""
@@ -610,17 +610,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:427 sssd.conf.5.xml:443 sssd.conf.5.xml:475 sssd.conf.5.xml:702 sssd.conf.5.xml:888 sssd.conf.5.xml:1209 sssd-ldap.5.xml:1200
+#: sssd.conf.5.xml:427 sssd.conf.5.xml:443 sssd.conf.5.xml:475 sssd.conf.5.xml:733 sssd.conf.5.xml:919 sssd.conf.5.xml:1261 sssd-ldap.5.xml:1200
msgid "Default: 60"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:432 sssd.conf.5.xml:1198
+#: sssd.conf.5.xml:432 sssd.conf.5.xml:1250
msgid "force_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:435 sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:435 sssd.conf.5.xml:1253
msgid ""
"If a service is not responding to ping checks (see the "
"<quote>timeout</quote> option), it is first sent the SIGTERM signal that "
@@ -667,42 +667,93 @@ msgid ""
"will be forced to one hour."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:480
+msgid "subdomain_inherit (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:483
+msgid ""
+"Specifies a list of configuration parameters that should be inherited by a "
+"subdomain. Please note that only selected parameters can be inherited. "
+"Currently the following options can be inherited:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:489
+msgid "ignore_group_members"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:492
+msgid "ldap_purge_cache_timeout"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:495 sssd-ldap.5.xml:1017
+msgid "ldap_use_tokengroups"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:498
+msgid "ldap_user_principal"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:503
+#, no-wrap
+msgid ""
+"subdomain_inherit = ldap_purge_cache_timeout\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:501
+msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:507 sssd.conf.5.xml:963 sssd.conf.5.xml:984 sssd.conf.5.xml:1244 sssd-ldap.5.xml:1753
+msgid "Default: none"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:484
+#: sssd.conf.5.xml:515
msgid "NSS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:486
+#: sssd.conf.5.xml:517
msgid ""
"These options can be used to configure the Name Service Switch (NSS) "
"service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:491
+#: sssd.conf.5.xml:522
msgid "enum_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:494
+#: sssd.conf.5.xml:525
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:498
+#: sssd.conf.5.xml:529
msgid "Default: 120"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:503
+#: sssd.conf.5.xml:534
msgid "entry_cache_nowait_percentage (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:506
+#: sssd.conf.5.xml:537
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -710,7 +761,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:512
+#: sssd.conf.5.xml:543
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -720,7 +771,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:553
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -729,17 +780,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:561
msgid "Default: 50"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:535
+#: sssd.conf.5.xml:566
msgid "entry_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:538
+#: sssd.conf.5.xml:569
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -747,17 +798,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:544 sssd.conf.5.xml:992
+#: sssd.conf.5.xml:575 sssd.conf.5.xml:1044
msgid "Default: 15"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:549
+#: sssd.conf.5.xml:580
msgid "filter_users, filter_groups (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:552
+#: sssd.conf.5.xml:583
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set "
@@ -766,39 +817,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:559
+#: sssd.conf.5.xml:590
msgid "Default: root"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:564
+#: sssd.conf.5.xml:595
msgid "filter_users_in_groups (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:598
msgid "If you want filtered user still be group members set this option to false."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:609
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:612
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586
+#: sssd.conf.5.xml:617
msgid "The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:592
+#: sssd.conf.5.xml:623
#, no-wrap
msgid ""
"fallback_homedir = /home/%u\n"
@@ -806,22 +857,22 @@ msgid ""
msgstr ""
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:590 include/override_homedir.xml:55
+#: sssd.conf.5.xml:621 sssd.conf.5.xml:978 sssd-krb5.5.xml:533 include/override_homedir.xml:55
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596
+#: sssd.conf.5.xml:627
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:633
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:636
msgid ""
"Override the login shell for all users. This option supersedes any other "
"shell options if it takes effect and can be set either in the [nss] section "
@@ -829,46 +880,46 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:611
+#: sssd.conf.5.xml:642
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:617
+#: sssd.conf.5.xml:648
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:620
+#: sssd.conf.5.xml:651
msgid "Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:654
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:627
+#: sssd.conf.5.xml:658
msgid ""
"2. If the shell is in the allowed_shells list but not in "
"<quote>/etc/shells</quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:632
+#: sssd.conf.5.xml:663
msgid ""
"3. If the shell is not in the allowed_shells list and not in "
"<quote>/etc/shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:637
+#: sssd.conf.5.xml:668
msgid "The wildcard (*) can be used to allow any shell."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:640
+#: sssd.conf.5.xml:671
msgid ""
"The (*) is useful if you want to use shell_fallback in case that user's "
"shell is not in <quote>/etc/shells</quote> and maintaining list of all "
@@ -876,56 +927,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:647
+#: sssd.conf.5.xml:678
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:650
+#: sssd.conf.5.xml:681
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:654
+#: sssd.conf.5.xml:685
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:659
+#: sssd.conf.5.xml:690
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:662
+#: sssd.conf.5.xml:693
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:667
+#: sssd.conf.5.xml:698
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:670
+#: sssd.conf.5.xml:701
msgid ""
"The default shell to use if an allowed shell is not installed on the "
"machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:705
msgid "Default: /bin/sh"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:679
+#: sssd.conf.5.xml:710
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:682
+#: sssd.conf.5.xml:713
msgid ""
"The default shell to use if the provider does not return one during "
"lookup. This option can be specified globally in the [nss] section or "
@@ -933,48 +984,48 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:719
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:695 sssd.conf.5.xml:881
+#: sssd.conf.5.xml:726 sssd.conf.5.xml:912
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:698 sssd.conf.5.xml:884
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:915
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:707
+#: sssd.conf.5.xml:738
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710
+#: sssd.conf.5.xml:741
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:714 sssd-ldap.5.xml:706
+#: sssd.conf.5.xml:745 sssd-ldap.5.xml:706
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:719 sssd-ifp.5.xml:74
+#: sssd.conf.5.xml:750 sssd-ifp.5.xml:74
msgid "user_attributes (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:722
+#: sssd.conf.5.xml:753
msgid ""
"Some of the additional NSS responder requests can return more attributes "
"than just the POSIX ones defined by the NSS interface. The list of "
@@ -986,72 +1037,72 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:735
+#: sssd.conf.5.xml:766
msgid ""
"To make configuration more easy the NSS responder will check the InfoPipe "
"option if it is not set for the NSS responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:740
+#: sssd.conf.5.xml:771
msgid "Default: not set, fallback to InfoPipe option"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:747
+#: sssd.conf.5.xml:778
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:749
+#: sssd.conf.5.xml:780
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:785
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:757
+#: sssd.conf.5.xml:788
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:762 sssd.conf.5.xml:775
+#: sssd.conf.5.xml:793 sssd.conf.5.xml:806
msgid "Default: 0 (No limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:768
+#: sssd.conf.5.xml:799
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:771
+#: sssd.conf.5.xml:802
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:781
+#: sssd.conf.5.xml:812
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:784
+#: sssd.conf.5.xml:815
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:789
+#: sssd.conf.5.xml:820
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -1059,59 +1110,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:795 sssd.conf.5.xml:848
+#: sssd.conf.5.xml:826 sssd.conf.5.xml:879
msgid "Default: 5"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:832
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:835
msgid ""
"Controls what kind of messages are shown to the user during "
"authentication. The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:809
+#: sssd.conf.5.xml:840
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:843
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:815
+#: sssd.conf.5.xml:846
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
+#: sssd.conf.5.xml:850
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:822
+#: sssd.conf.5.xml:853
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:826 sssd.8.xml:63
+#: sssd.conf.5.xml:857 sssd.8.xml:63
msgid "Default: 1"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:831
+#: sssd.conf.5.xml:862
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:865
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1119,7 +1170,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:840
+#: sssd.conf.5.xml:871
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a "
@@ -1129,17 +1180,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:854
+#: sssd.conf.5.xml:885
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:857 sssd.conf.5.xml:1390
+#: sssd.conf.5.xml:888 sssd.conf.5.xml:1442
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:860
+#: sssd.conf.5.xml:891
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1147,7 +1198,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:866 sssd.conf.5.xml:1393
+#: sssd.conf.5.xml:897 sssd.conf.5.xml:1445
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be "
@@ -1155,24 +1206,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:871
+#: sssd.conf.5.xml:902
msgid ""
"This setting can be overridden by setting "
"<emphasis>pwd_expiration_warning</emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876 sssd.8.xml:79
+#: sssd.conf.5.xml:907 sssd.8.xml:79
msgid "Default: 0"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:893
+#: sssd.conf.5.xml:924
msgid "pam_trusted_users (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:896
+#: sssd.conf.5.xml:927
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAM responder. User names are resolved to UIDs at "
@@ -1180,58 +1231,74 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:902
+#: sssd.conf.5.xml:933
msgid "Default: all (All users are allowed to access the PAM responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:906
+#: sssd.conf.5.xml:937
msgid ""
"Please note that UID 0 is always allowed to access the PAM responder even in "
"case it is not in the pam_trusted_users list."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:913
+#: sssd.conf.5.xml:944
msgid "pam_public_domains (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:947
msgid ""
"Specifies the comma-separated list of domain names that are accessible even "
"to untrusted users."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:920
+#: sssd.conf.5.xml:951
msgid "Two special values for pam_public_domains option are defined:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:955
msgid "all (Untrusted users are allowed to access all domains in PAM responder.)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:959
msgid ""
"none (Untrusted users are not allowed to access any domains PAM in "
"responder.)"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:932 sssd.conf.5.xml:1192 sssd-ldap.5.xml:1753
-msgid "Default: none"
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:968
+msgid "pam_account_expired_message (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:971
+msgid ""
+"If user is authenticating using SSH keys and account is expired then by "
+"default 'Permission denied' is output. This output will be changed to "
+"content of this variable if it is set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:980
+#, no-wrap
+msgid ""
+"pam_account_expired_message = Account expired, please call help desk.\n"
+" "
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:941
+#: sssd.conf.5.xml:993
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:943
+#: sssd.conf.5.xml:995
msgid ""
"These options can be used to configure the sudo service. The detailed "
"instructions for configuration of <citerefentry> "
@@ -1243,34 +1310,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:1012
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:1015
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1028
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:978
+#: sssd.conf.5.xml:1030
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1034
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:985
+#: sssd.conf.5.xml:1037
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1278,51 +1345,51 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1001
+#: sssd.conf.5.xml:1053
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1003
+#: sssd.conf.5.xml:1055
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1007
+#: sssd.conf.5.xml:1059
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1010
+#: sssd.conf.5.xml:1062
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1019
+#: sssd.conf.5.xml:1071
msgid "ssh_known_hosts_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1022
+#: sssd.conf.5.xml:1074
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1026
+#: sssd.conf.5.xml:1078
msgid "Default: 180"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1086
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1036
+#: sssd.conf.5.xml:1088
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1334,7 +1401,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1045
+#: sssd.conf.5.xml:1097
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"determined with the help of the SID, trusted domains will have UPGs and the "
@@ -1345,24 +1412,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1053
+#: sssd.conf.5.xml:1105
msgid ""
"If there are SIDs of groups from domains sssd knows about, the user will be "
"added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1111
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1063 sssd-ifp.5.xml:50
+#: sssd.conf.5.xml:1115 sssd-ifp.5.xml:50
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1066
+#: sssd.conf.5.xml:1118
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1370,12 +1437,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1072
+#: sssd.conf.5.xml:1124
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1076
+#: sssd.conf.5.xml:1128
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1384,24 +1451,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1142
msgid "DOMAIN SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1149
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1100
+#: sssd.conf.5.xml:1152
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:1157
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For "
@@ -1410,46 +1477,46 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1112
+#: sssd.conf.5.xml:1164
msgid ""
"These ID limits affect even saving entries to cache, not only returning them "
"by name or ID."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1116
+#: sssd.conf.5.xml:1168
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1122
+#: sssd.conf.5.xml:1174
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1125
+#: sssd.conf.5.xml:1177
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1181
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1132
+#: sssd.conf.5.xml:1184
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1135 sssd.conf.5.xml:1367 sssd.conf.5.xml:1476 sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1187 sssd.conf.5.xml:1419 sssd.conf.5.xml:1528 sssd.conf.5.xml:1545
msgid "Default: FALSE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138
+#: sssd.conf.5.xml:1190
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1461,14 +1528,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1151
+#: sssd.conf.5.xml:1203
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1156
+#: sssd.conf.5.xml:1208
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1477,39 +1544,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1164
+#: sssd.conf.5.xml:1216
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1172
+#: sssd.conf.5.xml:1224
msgid "subdomain_enumerate (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1179
+#: sssd.conf.5.xml:1231
msgid "all"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1180
+#: sssd.conf.5.xml:1232
msgid "All discovered trusted domains will be enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1183
+#: sssd.conf.5.xml:1235
msgid "none"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:1236
msgid "No discovered trusted domains will be enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1175
+#: sssd.conf.5.xml:1227
msgid ""
"Whether any of autodetected trusted domains should be enumerated. The "
"supported values are: <placeholder type=\"variablelist\" id=\"0\"/> "
@@ -1518,19 +1585,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1215
+#: sssd.conf.5.xml:1267
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1218
+#: sssd.conf.5.xml:1270
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1222
+#: sssd.conf.5.xml:1274
msgid ""
"The cache expiration timestamps are stored as attributes of individual "
"objects in the cache. Therefore, changing the cache timeout only has effect "
@@ -1541,148 +1608,150 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1235
+#: sssd.conf.5.xml:1287
msgid "Default: 5400"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1241
+#: sssd.conf.5.xml:1293
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1244
+#: sssd.conf.5.xml:1296
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248 sssd.conf.5.xml:1261 sssd.conf.5.xml:1274 sssd.conf.5.xml:1287 sssd.conf.5.xml:1300 sssd.conf.5.xml:1314 sssd.conf.5.xml:1328
+#: sssd.conf.5.xml:1300 sssd.conf.5.xml:1313 sssd.conf.5.xml:1326 sssd.conf.5.xml:1339 sssd.conf.5.xml:1352 sssd.conf.5.xml:1366 sssd.conf.5.xml:1380
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1306
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1257
+#: sssd.conf.5.xml:1309
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1267
+#: sssd.conf.5.xml:1319
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1270
+#: sssd.conf.5.xml:1322
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1280
+#: sssd.conf.5.xml:1332
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1335
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1345
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1348
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1358
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1309
+#: sssd.conf.5.xml:1361
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1320
+#: sssd.conf.5.xml:1372
msgid "entry_cache_ssh_host_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1375
msgid ""
"How many seconds to keep a host ssh key after refresh. IE how long to cache "
"the host key for."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1334
+#: sssd.conf.5.xml:1386
msgid "refresh_expired_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1337
+#: sssd.conf.5.xml:1389
msgid ""
"Specifies how many seconds SSSD has to wait before triggering a background "
"refresh task which will refresh all expired or nearly expired records."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1342
-msgid "Currently only refreshing expired netgroups is supported."
+#: sssd.conf.5.xml:1394
+msgid ""
+"The background refresh will process users, groups and netgroups in the "
+"cache."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1398
msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350 sssd-ipa.5.xml:224
+#: sssd.conf.5.xml:1402 sssd-ipa.5.xml:224
msgid "Default: 0 (disabled)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1356
+#: sssd.conf.5.xml:1408
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1411
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1363
+#: sssd.conf.5.xml:1415
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1372
+#: sssd.conf.5.xml:1424
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1427
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1691,17 +1760,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1382
+#: sssd.conf.5.xml:1434
msgid "Default: 0 (unlimited)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1387
+#: sssd.conf.5.xml:1439
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1398
+#: sssd.conf.5.xml:1450
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1710,34 +1779,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1405
+#: sssd.conf.5.xml:1457
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1411
+#: sssd.conf.5.xml:1463
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1414
+#: sssd.conf.5.xml:1466
msgid ""
"The identification provider used for the domain. Supported ID providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1418
+#: sssd.conf.5.xml:1470
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1421 sssd.conf.5.xml:1539
+#: sssd.conf.5.xml:1473 sssd.conf.5.xml:1591
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1425
+#: sssd.conf.5.xml:1477
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> "
@@ -1745,7 +1814,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433 sssd.conf.5.xml:1519 sssd.conf.5.xml:1574 sssd.conf.5.xml:1627
+#: sssd.conf.5.xml:1485 sssd.conf.5.xml:1571 sssd.conf.5.xml:1626 sssd.conf.5.xml:1679
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1754,7 +1823,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1442 sssd.conf.5.xml:1528 sssd.conf.5.xml:1583 sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1494 sssd.conf.5.xml:1580 sssd.conf.5.xml:1635 sssd.conf.5.xml:1688
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> "
@@ -1762,19 +1831,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1505
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1508
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1461
+#: sssd.conf.5.xml:1513
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified "
"names. For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1783,7 +1852,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1521
msgid ""
"NOTE: This option has no effect on netgroup lookups due to their tendency to "
"include nested netgroups without qualified names. For netgroups, all domains "
@@ -1791,17 +1860,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1533
msgid "ignore_group_members (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1536
msgid "Do not return group members for group lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1487
+#: sssd.conf.5.xml:1539
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1809,19 +1878,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1550
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1501
+#: sssd.conf.5.xml:1553
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505 sssd.conf.5.xml:1567
+#: sssd.conf.5.xml:1557 sssd.conf.5.xml:1619
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> "
@@ -1829,7 +1898,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1512
+#: sssd.conf.5.xml:1564
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> "
@@ -1837,29 +1906,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1588
msgid "<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1595
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1546
+#: sssd.conf.5.xml:1598
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1604
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1607
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1867,19 +1936,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1613
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1616
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1591
+#: sssd.conf.5.xml:1643
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> "
@@ -1888,24 +1957,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1650
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1603
+#: sssd.conf.5.xml:1655
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1606
+#: sssd.conf.5.xml:1658
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1611
+#: sssd.conf.5.xml:1663
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> "
@@ -1914,7 +1983,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1671
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> "
@@ -1922,34 +1991,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1696
msgid "<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1700
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1651
+#: sssd.conf.5.xml:1703
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1710
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1661
+#: sssd.conf.5.xml:1713
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1665
+#: sssd.conf.5.xml:1717
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> "
@@ -1957,31 +2026,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1725
msgid ""
"<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default "
"settings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1729
msgid ""
"<quote>ad</quote> the same as <quote>ldap</quote> but with AD default "
"settings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1681
+#: sssd.conf.5.xml:1733
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1684 sssd.conf.5.xml:1762 sssd.conf.5.xml:1794 sssd.conf.5.xml:1819
+#: sssd.conf.5.xml:1736 sssd.conf.5.xml:1814 sssd.conf.5.xml:1846 sssd.conf.5.xml:1871
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1688
+#: sssd.conf.5.xml:1740
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -1992,12 +2061,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1757
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1760
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -2005,7 +2074,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1714
+#: sssd.conf.5.xml:1766
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -2014,31 +2083,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1722
+#: sssd.conf.5.xml:1774
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1725
+#: sssd.conf.5.xml:1777
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1731
+#: sssd.conf.5.xml:1783
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1734
+#: sssd.conf.5.xml:1786
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740
+#: sssd.conf.5.xml:1792
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -2047,7 +2116,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1749
+#: sssd.conf.5.xml:1801
msgid ""
"<quote>ad</quote> to load a list of subdomains from an Active Directory "
"server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> "
@@ -2056,22 +2125,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1810
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1769
+#: sssd.conf.5.xml:1821
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1772
+#: sssd.conf.5.xml:1824
msgid "The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1828
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> "
@@ -2079,7 +2148,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1783
+#: sssd.conf.5.xml:1835
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> "
@@ -2087,24 +2156,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1843
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1853
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1804
+#: sssd.conf.5.xml:1856
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1808
+#: sssd.conf.5.xml:1860
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -2113,12 +2182,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1816
+#: sssd.conf.5.xml:1868
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1829
+#: sssd.conf.5.xml:1881
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components. The \"domain\" can "
@@ -2128,7 +2197,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1838
+#: sssd.conf.5.xml:1890
msgid ""
"Default for the AD and IPA provider: "
"<quote>(((?P&lt;domain&gt;[^\\\\]+)\\\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?P&lt;name&gt;[^@\\\\]+)$))</quote> "
@@ -2136,29 +2205,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1843
+#: sssd.conf.5.xml:1895
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1898
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1849
+#: sssd.conf.5.xml:1901
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1852
+#: sssd.conf.5.xml:1904
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1857
+#: sssd.conf.5.xml:1909
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -2166,7 +2235,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1863
+#: sssd.conf.5.xml:1915
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -2174,66 +2243,66 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1870
+#: sssd.conf.5.xml:1922
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax "
"(?P&lt;name&gt;) to label subpatterns."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1917
+#: sssd.conf.5.xml:1969
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1923
+#: sssd.conf.5.xml:1975
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1926
+#: sssd.conf.5.xml:1978
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1930
+#: sssd.conf.5.xml:1982
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1933
+#: sssd.conf.5.xml:1985
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1936
+#: sssd.conf.5.xml:1988
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1939
+#: sssd.conf.5.xml:1991
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1942
+#: sssd.conf.5.xml:1994
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1945
+#: sssd.conf.5.xml:1997
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1951
+#: sssd.conf.5.xml:2003
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1954
+#: sssd.conf.5.xml:2006
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -2241,69 +2310,69 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1960 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226 sssd-ldap.5.xml:1241 sssd-krb5.5.xml:239
+#: sssd.conf.5.xml:2012 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226 sssd-ldap.5.xml:1241 sssd-krb5.5.xml:248
msgid "Default: 6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1966
+#: sssd.conf.5.xml:2018
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1969
+#: sssd.conf.5.xml:2021
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1973
+#: sssd.conf.5.xml:2025
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1979
+#: sssd.conf.5.xml:2031
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1982
+#: sssd.conf.5.xml:2034
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1988
+#: sssd.conf.5.xml:2040
msgid "case_sensitive (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1996
+#: sssd.conf.5.xml:2048
msgid "True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1999
+#: sssd.conf.5.xml:2051
msgid "Case sensitive. This value is invalid for AD provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2005
+#: sssd.conf.5.xml:2057
msgid "False"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2007
+#: sssd.conf.5.xml:2059
msgid "Case insensitive."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2011
+#: sssd.conf.5.xml:2063
msgid "Preserving"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2014
+#: sssd.conf.5.xml:2066
msgid ""
"Same as False (case insensitive), but does not lowercase names in the result "
"of NSS operations. Note that name aliases (and in case of services also "
@@ -2311,7 +2380,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1991
+#: sssd.conf.5.xml:2043
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider. Possible option values are: "
@@ -2319,17 +2388,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2026
+#: sssd.conf.5.xml:2078
msgid "Default: True (False for AD provider)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2032
+#: sssd.conf.5.xml:2084
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2035
+#: sssd.conf.5.xml:2087
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2338,22 +2407,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2049
+#: sssd.conf.5.xml:2101
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2060
+#: sssd.conf.5.xml:2112
msgid "%F"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2061
+#: sssd.conf.5.xml:2113
msgid "flat (NetBIOS) name of a subdomain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2052
+#: sssd.conf.5.xml:2104
msgid ""
"Use this homedir as default value for all subdomains within this domain in "
"IPA AD trust. See <emphasis>override_homedir</emphasis> for info about "
@@ -2363,27 +2432,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2066
+#: sssd.conf.5.xml:2118
msgid "The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2070
+#: sssd.conf.5.xml:2122
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2075
+#: sssd.conf.5.xml:2127
msgid "realmd_tags (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2078
+#: sssd.conf.5.xml:2130
msgid "Various tags stored by the realmd configuration service for this domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1092
+#: sssd.conf.5.xml:1144
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called "
@@ -2392,29 +2461,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2091
+#: sssd.conf.5.xml:2143
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2094
+#: sssd.conf.5.xml:2146
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2097
+#: sssd.conf.5.xml:2149
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2105
+#: sssd.conf.5.xml:2157
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2108
+#: sssd.conf.5.xml:2160
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2422,19 +2491,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2087
+#: sssd.conf.5.xml:2139
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" "
"id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:2120
+#: sssd.conf.5.xml:2172
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:2122
+#: sssd.conf.5.xml:2174
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2442,73 +2511,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2129
+#: sssd.conf.5.xml:2181
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2132
+#: sssd.conf.5.xml:2184
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2136
+#: sssd.conf.5.xml:2188
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2141
+#: sssd.conf.5.xml:2193
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2144
+#: sssd.conf.5.xml:2196
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2149
+#: sssd.conf.5.xml:2201
msgid "Default: <filename>/home</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2154
+#: sssd.conf.5.xml:2206
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2157
+#: sssd.conf.5.xml:2209
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2173
+#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2225
msgid "Default: TRUE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2166
+#: sssd.conf.5.xml:2218
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2169
+#: sssd.conf.5.xml:2221
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2178
+#: sssd.conf.5.xml:2230
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2181
+#: sssd.conf.5.xml:2233
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2516,17 +2585,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2189
+#: sssd.conf.5.xml:2241
msgid "Default: 077"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2194
+#: sssd.conf.5.xml:2246
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2197
+#: sssd.conf.5.xml:2249
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2535,17 +2604,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2207
+#: sssd.conf.5.xml:2259
msgid "Default: <filename>/etc/skel</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2212
+#: sssd.conf.5.xml:2264
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2215
+#: sssd.conf.5.xml:2267
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2553,17 +2622,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2222
+#: sssd.conf.5.xml:2274
msgid "Default: <filename>/var/mail</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2227
+#: sssd.conf.5.xml:2279
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2230
+#: sssd.conf.5.xml:2282
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2571,17 +2640,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2236
+#: sssd.conf.5.xml:2288
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:2246 sssd-ldap.5.xml:2518 sssd-simple.5.xml:131 sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:519 sss_rpcidmapd.5.xml:98
+#: sssd.conf.5.xml:2298 sssd-ldap.5.xml:2569 sssd-simple.5.xml:131 sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:564 sss_rpcidmapd.5.xml:98
msgid "EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:2252
+#: sssd.conf.5.xml:2304
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2611,7 +2680,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2248
+#: sssd.conf.5.xml:2300
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -3451,7 +3520,7 @@ msgid "The LDAP attribute that corresponds to the user's full name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:738 sssd-ldap.5.xml:831 sssd-ldap.5.xml:1058 sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2102 sssd-ldap.5.xml:2441 sssd-ipa.5.xml:591
+#: sssd-ldap.5.xml:738 sssd-ldap.5.xml:831 sssd-ldap.5.xml:1058 sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2153 sssd-ldap.5.xml:2492 sssd-ipa.5.xml:591
msgid "Default: cn"
msgstr ""
@@ -3730,11 +3799,6 @@ msgid ""
"dealing with complex or deep nested groups)."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1017
-msgid "ldap_use_tokengroups"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1020
msgid ""
@@ -3967,7 +4031,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2259
+#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2310
msgid "Default: 900 (15 minutes)"
msgstr ""
@@ -4420,7 +4484,7 @@ msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:453
+#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:462
msgid "krb5_canonicalize (boolean)"
msgstr ""
@@ -4432,12 +4496,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:468
+#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:477
msgid "krb5_use_kdcinfo (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:471
+#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:480
msgid ""
"Specifies if the SSSD should instruct the Kerberos libraries what realm and "
"which KDCs to use. This option is on by default, if you disable it, you need "
@@ -4447,7 +4511,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:482
+#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:491
msgid ""
"See the <citerefentry> "
"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> "
@@ -4718,40 +4782,93 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1958
+msgid ""
+"<emphasis> Please note that this option is superseded by the "
+"<quote>ppolicy</quote> option and might be removed in a future release. "
+"</emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1965
+msgid ""
+"<emphasis>ppolicy</emphasis>: use account locking. If set, this option "
+"denies access in case that ldap attribute 'pwdAccountLockedTime' is present "
+"and has value of '000001010000Z' or represents any time in the past. The "
+"value of the 'pwdAccountLockedTime' attribute must end with 'Z', which "
+"denotes the UTC time zone. Other time zones are not currently supported and "
+"will result in \"access-denied\" when users attempt to log in. Please see "
+"the option ldap_pwdlockout_dn. Please note that 'access_provider = ldap' "
+"must be set for this feature to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1982
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1962
+#: sssd-ldap.5.xml:1986
+msgid ""
+"<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, "
+"pwd_expire_policy_renew: </emphasis> These options are useful if users are "
+"interested in being warned that password is about to expire and "
+"authentication is based on using a different method than passwords - for "
+"example SSH keys."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1996
+msgid ""
+"The difference between these options is the action taken if user password is "
+"expired: pwd_expire_policy_reject - user is denied to log in, "
+"pwd_expire_policy_warn - user is still able to log in, "
+"pwd_expire_policy_renew - user is prompted to change his password "
+"immediately."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2004
+msgid "Note If user password is expired no explicit message is prompted by SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2008
+msgid ""
+"Please note that 'access_provider = ldap' must be set for this feature to "
+"work. Also 'ldap_pwd_policy' must be set to an appropriate password policy."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2013
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2018
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1971
+#: sssd-ldap.5.xml:2022
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1974
+#: sssd-ldap.5.xml:2025
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1981
+#: sssd-ldap.5.xml:2032
msgid "ldap_pwdlockout_dn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2035
msgid ""
"This option specifies the DN of password policy entry on LDAP server. Please "
"note that absence of this option in sssd.conf in case of enabled account "
@@ -4760,74 +4877,74 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1992
+#: sssd-ldap.5.xml:2043
msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1995
+#: sssd-ldap.5.xml:2046
msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2001
+#: sssd-ldap.5.xml:2052
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2004
+#: sssd-ldap.5.xml:2055
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2009
+#: sssd-ldap.5.xml:2060
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013
+#: sssd-ldap.5.xml:2064
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018
+#: sssd-ldap.5.xml:2069
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2023
+#: sssd-ldap.5.xml:2074
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2028
+#: sssd-ldap.5.xml:2079
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2036
+#: sssd-ldap.5.xml:2087
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2039
+#: sssd-ldap.5.xml:2090
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2094
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -4838,7 +4955,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2054
+#: sssd-ldap.5.xml:2105
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -4856,12 +4973,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2070
+#: sssd-ldap.5.xml:2121
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2123
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -4869,208 +4986,208 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2083
+#: sssd-ldap.5.xml:2134
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2086
+#: sssd-ldap.5.xml:2137
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2089
+#: sssd-ldap.5.xml:2140
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2095
+#: sssd-ldap.5.xml:2146
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2098
+#: sssd-ldap.5.xml:2149
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2108
+#: sssd-ldap.5.xml:2159
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2111
+#: sssd-ldap.5.xml:2162
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2166
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2172
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2124
+#: sssd-ldap.5.xml:2175
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2129
+#: sssd-ldap.5.xml:2180
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2186
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2138
+#: sssd-ldap.5.xml:2189
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2193
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2148
+#: sssd-ldap.5.xml:2199
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2202
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2155
+#: sssd-ldap.5.xml:2206
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2161
+#: sssd-ldap.5.xml:2212
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2215
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2168
+#: sssd-ldap.5.xml:2219
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2174
+#: sssd-ldap.5.xml:2225
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2228
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2181
+#: sssd-ldap.5.xml:2232
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2187
+#: sssd-ldap.5.xml:2238
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2241
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194
+#: sssd-ldap.5.xml:2245
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2200
+#: sssd-ldap.5.xml:2251
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2203
+#: sssd-ldap.5.xml:2254
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2259
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2214
+#: sssd-ldap.5.xml:2265
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2217
+#: sssd-ldap.5.xml:2268
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2221
+#: sssd-ldap.5.xml:2272
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2227
+#: sssd-ldap.5.xml:2278
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2230
+#: sssd-ldap.5.xml:2281
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2235
+#: sssd-ldap.5.xml:2286
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval "
"</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2240
+#: sssd-ldap.5.xml:2291
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2246
+#: sssd-ldap.5.xml:2297
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2249
+#: sssd-ldap.5.xml:2300
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -5078,100 +5195,100 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2255
+#: sssd-ldap.5.xml:2306
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2265
+#: sssd-ldap.5.xml:2316
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2268
+#: sssd-ldap.5.xml:2319
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2279
+#: sssd-ldap.5.xml:2330
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2333
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2287
+#: sssd-ldap.5.xml:2338
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2292 sssd-ldap.5.xml:2315 sssd-ldap.5.xml:2333 sssd-ldap.5.xml:2351
+#: sssd-ldap.5.xml:2343 sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2384 sssd-ldap.5.xml:2402
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is "
"<emphasis>false</emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2320
+#: sssd-ldap.5.xml:2348 sssd-ldap.5.xml:2371
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2303
+#: sssd-ldap.5.xml:2354
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2306
+#: sssd-ldap.5.xml:2357
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2311
+#: sssd-ldap.5.xml:2362
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2326
+#: sssd-ldap.5.xml:2377
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2329
+#: sssd-ldap.5.xml:2380
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2344
+#: sssd-ldap.5.xml:2395
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2347
+#: sssd-ldap.5.xml:2398
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2363
+#: sssd-ldap.5.xml:2414
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -5180,91 +5297,91 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2373
+#: sssd-ldap.5.xml:2424
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2375
+#: sssd-ldap.5.xml:2426
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2381
+#: sssd-ldap.5.xml:2432
msgid "ldap_autofs_map_master_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2435
msgid "The name of the automount master map in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2387
+#: sssd-ldap.5.xml:2438
msgid "Default: auto.master"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2394
+#: sssd-ldap.5.xml:2445
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2397 sssd-ldap.5.xml:2423
+#: sssd-ldap.5.xml:2448 sssd-ldap.5.xml:2474
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2400 sssd-ldap.5.xml:2427
+#: sssd-ldap.5.xml:2451 sssd-ldap.5.xml:2478
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2407
+#: sssd-ldap.5.xml:2458
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2410
+#: sssd-ldap.5.xml:2461
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2413
+#: sssd-ldap.5.xml:2464
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2420
+#: sssd-ldap.5.xml:2471
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2434
+#: sssd-ldap.5.xml:2485
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2437 sssd-ldap.5.xml:2451
+#: sssd-ldap.5.xml:2488 sssd-ldap.5.xml:2502
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2448
+#: sssd-ldap.5.xml:2499
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2455
+#: sssd-ldap.5.xml:2506
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2379
+#: sssd-ldap.5.xml:2430
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder "
"type=\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" "
@@ -5274,32 +5391,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2465
+#: sssd-ldap.5.xml:2516
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2472
+#: sssd-ldap.5.xml:2523
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2477
+#: sssd-ldap.5.xml:2528
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2482
+#: sssd-ldap.5.xml:2533
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note>
-#: sssd-ldap.5.xml:2487
+#: sssd-ldap.5.xml:2538
msgid "<note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para>
-#: sssd-ldap.5.xml:2489
+#: sssd-ldap.5.xml:2540
msgid ""
"If the option <quote>ldap_use_tokengroups</quote> is enabled. The searches "
"against Active Directory will not be restricted and return all groups "
@@ -5308,22 +5425,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist>
-#: sssd-ldap.5.xml:2496
+#: sssd-ldap.5.xml:2547
msgid "</note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2498
+#: sssd-ldap.5.xml:2549
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2503
+#: sssd-ldap.5.xml:2554
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2467
+#: sssd-ldap.5.xml:2518
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -5332,7 +5449,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2520
+#: sssd-ldap.5.xml:2571
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -5340,7 +5457,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2526
+#: sssd-ldap.5.xml:2577
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5353,24 +5470,24 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2525 sssd-ldap.5.xml:2543 sssd-simple.5.xml:139 sssd-ipa.5.xml:726 sssd-ad.5.xml:851 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 include/ldap_id_mapping.xml:105
+#: sssd-ldap.5.xml:2576 sssd-ldap.5.xml:2594 sssd-simple.5.xml:139 sssd-ipa.5.xml:726 sssd-ad.5.xml:851 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:573 include/ldap_id_mapping.xml:105
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2537
+#: sssd-ldap.5.xml:2588
msgid "LDAP ACCESS FILTER EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2539
+#: sssd-ldap.5.xml:2590
msgid ""
"The following example assumes that SSSD is correctly configured and to use "
"the ldap_access_order=lockout."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2544
+#: sssd-ldap.5.xml:2595
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5386,12 +5503,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2559 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 sssd-ad.5.xml:866 sssd.8.xml:195 sss_seed.8.xml:163
+#: sssd-ldap.5.xml:2610 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 sssd-ad.5.xml:866 sssd.8.xml:195 sss_seed.8.xml:163
msgid "NOTES"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2561
+#: sssd-ldap.5.xml:2612
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -6158,7 +6275,7 @@ msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:245
+#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:254
msgid "krb5_validate (boolean)"
msgstr ""
@@ -6199,12 +6316,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:407
+#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:416
msgid "krb5_use_fast (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:410
+#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:419
msgid ""
"Enables flexible authentication secure tunneling (FAST) for Kerberos "
"pre-authentication. The following options are supported:"
@@ -6224,7 +6341,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:424
+#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:433
msgid ""
"<emphasis>demand</emphasis> to use FAST. The authentication fails if the "
"server does not require fast."
@@ -6236,7 +6353,7 @@ msgid "Default: try"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:435
+#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:444
msgid ""
"NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If "
"SSSD is used with an older version of MIT Kerberos, using this option is a "
@@ -7321,12 +7438,12 @@ msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:797 sssd-krb5.5.xml:496
+#: sssd-ad.5.xml:797 sssd-krb5.5.xml:505
msgid "krb5_use_enterprise_principal (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:800 sssd-krb5.5.xml:499
+#: sssd-ad.5.xml:800 sssd-krb5.5.xml:508
msgid ""
"Specifies if the user principal should be treated as enterprise "
"principal. See section 5 of RFC 6806 for more details about enterprise "
@@ -8270,16 +8387,25 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:225
+msgid ""
+"NOTE: Please be aware that libkrb5 ccache expansion template from "
+"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> uses different expansion sequences "
+"than SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:234
msgid "Default: (from libkrb5)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:231
+#: sssd-krb5.5.xml:240
msgid "krb5_auth_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:234
+#: sssd-krb5.5.xml:243
msgid ""
"Timeout in seconds after an online authentication request or change password "
"request is aborted. If possible, the authentication request is continued "
@@ -8287,7 +8413,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:248
+#: sssd-krb5.5.xml:257
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed. The keytab is checked for entries sequentially, and the first entry "
@@ -8298,36 +8424,36 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:263
+#: sssd-krb5.5.xml:272
msgid "krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:275
msgid ""
"The location of the keytab to use when validating credentials obtained from "
"KDCs."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:270
+#: sssd-krb5.5.xml:279
msgid "Default: /etc/krb5.keytab"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:276
+#: sssd-krb5.5.xml:285
msgid "krb5_store_password_if_offline (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:279
+#: sssd-krb5.5.xml:288
msgid ""
"Store the password of the user if the provider is offline and use it to "
"request a TGT when the provider comes online again."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:284
+#: sssd-krb5.5.xml:293
msgid ""
"NOTE: this feature is only available on Linux. Passwords stored in this way "
"are kept in plaintext in the kernel keyring and are potentially accessible "
@@ -8335,90 +8461,90 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:297
+#: sssd-krb5.5.xml:306
msgid "krb5_renewable_lifetime (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:300
+#: sssd-krb5.5.xml:309
msgid ""
"Request a renewable ticket with a total lifetime, given as an integer "
"immediately followed by a time unit:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:305 sssd-krb5.5.xml:339 sssd-krb5.5.xml:376
+#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
msgid "<emphasis>s</emphasis> for seconds"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:308 sssd-krb5.5.xml:342 sssd-krb5.5.xml:379
+#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:351 sssd-krb5.5.xml:388
msgid "<emphasis>m</emphasis> for minutes"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:311 sssd-krb5.5.xml:345 sssd-krb5.5.xml:382
+#: sssd-krb5.5.xml:320 sssd-krb5.5.xml:354 sssd-krb5.5.xml:391
msgid "<emphasis>h</emphasis> for hours"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
+#: sssd-krb5.5.xml:323 sssd-krb5.5.xml:357 sssd-krb5.5.xml:394
msgid "<emphasis>d</emphasis> for days."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:388
+#: sssd-krb5.5.xml:326 sssd-krb5.5.xml:397
msgid "If there is no unit given, <emphasis>s</emphasis> is assumed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:321 sssd-krb5.5.xml:392
+#: sssd-krb5.5.xml:330 sssd-krb5.5.xml:401
msgid ""
"NOTE: It is not possible to mix units. To set the renewable lifetime to one "
"and a half hours, use '90m' instead of '1h30m'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:326
+#: sssd-krb5.5.xml:335
msgid "Default: not set, i.e. the TGT is not renewable"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:332
+#: sssd-krb5.5.xml:341
msgid "krb5_lifetime (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:335
+#: sssd-krb5.5.xml:344
msgid ""
"Request ticket with a lifetime, given as an integer immediately followed by "
"a time unit:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:351
+#: sssd-krb5.5.xml:360
msgid "If there is no unit given <emphasis>s</emphasis> is assumed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:355
+#: sssd-krb5.5.xml:364
msgid ""
"NOTE: It is not possible to mix units. To set the lifetime to one and a "
"half hours please use '90m' instead of '1h30m'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:360
+#: sssd-krb5.5.xml:369
msgid "Default: not set, i.e. the default ticket lifetime configured on the KDC."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:367
+#: sssd-krb5.5.xml:376
msgid "krb5_renew_interval (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:370
+#: sssd-krb5.5.xml:379
msgid ""
"The time in seconds between two checks if the TGT should be renewed. TGTs "
"are renewed if about half of their lifetime is exceeded, given as an integer "
@@ -8426,56 +8552,89 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:397
+#: sssd-krb5.5.xml:406
msgid "If this option is not set or is 0 the automatic renewal is disabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:415
+#: sssd-krb5.5.xml:424
msgid ""
"<emphasis>never</emphasis> use FAST. This is equivalent to not setting this "
"option at all."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:419
+#: sssd-krb5.5.xml:428
msgid ""
"<emphasis>try</emphasis> to use FAST. If the server does not support FAST, "
"continue the authentication without it."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:429
+#: sssd-krb5.5.xml:438
msgid "Default: not set, i.e. FAST is not used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:432
+#: sssd-krb5.5.xml:441
msgid "NOTE: a keytab is required to use FAST."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:444
+#: sssd-krb5.5.xml:453
msgid "krb5_fast_principal (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:447
+#: sssd-krb5.5.xml:456
msgid "Specifies the server principal to use for FAST."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:456
+#: sssd-krb5.5.xml:465
msgid ""
"Specifies if the host and user principal should be canonicalized. This "
"feature is available with MIT Kerberos 1.7 and later versions."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:505
+#: sssd-krb5.5.xml:514
msgid "Default: false (AD provider: true)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:520
+msgid "krb5_map_user (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:523
+msgid ""
+"The list of mappings is given as a comma-separated list of pairs "
+"<quote>username:primary</quote> where <quote>username</quote> is a UNIX user "
+"name and <quote>primary</quote> is a user part of a kerberos principal. This "
+"mapping is used when user is authenticating using <quote>auth_provider = "
+"krb5</quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-krb5.5.xml:535
+#, no-wrap
+msgid ""
+"krb5_realm = REALM\n"
+"krb5_map_user = joe:juser,dick:richard\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:540
+msgid ""
+"<quote>joe</quote> and <quote>dick</quote> are UNIX user names and "
+"<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos "
+"principals. For user <quote>joe</quote> resp. <quote>dick</quote> SSSD will "
+"try to kinit as <quote>juser@REALM</quote> resp. "
+"<quote>richard@REALM</quote>."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:65
msgid ""
@@ -8488,7 +8647,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:521
+#: sssd-krb5.5.xml:566
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -8497,7 +8656,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:529
+#: sssd-krb5.5.xml:574
#, no-wrap
msgid ""
" [domain/FOO]\n"
diff --git a/src/man/po/tg.po b/src/man/po/tg.po
index 67334d724..7cc4a0fc6 100644
--- a/src/man/po/tg.po
+++ b/src/man/po/tg.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sssd-docs 1.12.2\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2015-02-18 16:52+0100\n"
+"POT-Creation-Date: 2015-06-12 10:36+0200\n"
"PO-Revision-Date: 2014-06-04 02:04-0400\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Tajik (http://www.transifex.com/projects/p/sssd/language/"
@@ -17,7 +17,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#. type: Content of: <reference><title>
#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5
@@ -224,11 +224,11 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:81 sssd.conf.5.xml:571 sssd.conf.5.xml:1014
+#: sssd.conf.5.xml:81 sssd.conf.5.xml:602 sssd.conf.5.xml:1066
#: sssd-ldap.5.xml:1625 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1784
-#: sssd-ldap.5.xml:2273 sssd-ldap.5.xml:2338 sssd-ldap.5.xml:2356
+#: sssd-ldap.5.xml:2324 sssd-ldap.5.xml:2389 sssd-ldap.5.xml:2407
#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:413 sssd-ad.5.xml:166 sssd-ad.5.xml:264
-#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:490
+#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:499
msgid "Default: true"
msgstr "Пешфарз: true"
@@ -245,16 +245,16 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:94 sssd.conf.5.xml:968 sssd.conf.5.xml:2043
+#: sssd.conf.5.xml:94 sssd.conf.5.xml:1020 sssd.conf.5.xml:2095
#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1499 sssd-ldap.5.xml:1518
-#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2060 sssd-ipa.5.xml:139
-#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:257
-#: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462
+#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2111 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471
msgid "Default: false"
msgstr "Пешфарз: false"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2081
+#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2132
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
@@ -291,7 +291,7 @@ msgid "The [sssd] section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:137 sssd.conf.5.xml:2127
+#: sssd.conf.5.xml:137 sssd.conf.5.xml:2179
msgid "Section parameters"
msgstr ""
@@ -360,7 +360,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:193 sssd.conf.5.xml:1826
+#: sssd.conf.5.xml:193 sssd.conf.5.xml:1878
msgid "re_expression (string)"
msgstr ""
@@ -380,12 +380,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:210 sssd.conf.5.xml:1877
+#: sssd.conf.5.xml:210 sssd.conf.5.xml:1929
msgid "full_name_format (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:213 sssd.conf.5.xml:1880
+#: sssd.conf.5.xml:213 sssd.conf.5.xml:1932
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to compose a "
@@ -393,39 +393,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:224 sssd.conf.5.xml:1891
+#: sssd.conf.5.xml:224 sssd.conf.5.xml:1943
msgid "%1$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225 sssd.conf.5.xml:1892
+#: sssd.conf.5.xml:225 sssd.conf.5.xml:1944
msgid "user name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:228 sssd.conf.5.xml:1895
+#: sssd.conf.5.xml:228 sssd.conf.5.xml:1947
msgid "%2$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:231 sssd.conf.5.xml:1898
+#: sssd.conf.5.xml:231 sssd.conf.5.xml:1950
msgid "domain name as specified in the SSSD config file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:237 sssd.conf.5.xml:1904
+#: sssd.conf.5.xml:237 sssd.conf.5.xml:1956
msgid "%3$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:240 sssd.conf.5.xml:1907
+#: sssd.conf.5.xml:240 sssd.conf.5.xml:1959
msgid ""
"domain flat name. Mostly usable for Active Directory domains, both directly "
"configured or discovered via IPA trusts."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221 sssd.conf.5.xml:1888
+#: sssd.conf.5.xml:221 sssd.conf.5.xml:1940
msgid ""
"The following expansions are supported: <placeholder type=\"variablelist\" "
"id=\"0\"/>"
@@ -542,8 +542,8 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:336 sssd-ldap.5.xml:663 sssd-ldap.5.xml:1458
#: sssd-ldap.5.xml:1470 sssd-ldap.5.xml:1552 sssd-ad.5.xml:557
-#: sssd-ad.5.xml:627 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203
-#: include/ldap_id_mapping.xml:214
+#: sssd-ad.5.xml:627 sssd-krb5.5.xml:410 sssd-krb5.5.xml:550
+#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214
msgid "Default: not set"
msgstr ""
@@ -646,18 +646,18 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:427 sssd.conf.5.xml:443 sssd.conf.5.xml:475
-#: sssd.conf.5.xml:702 sssd.conf.5.xml:888 sssd.conf.5.xml:1209
+#: sssd.conf.5.xml:733 sssd.conf.5.xml:919 sssd.conf.5.xml:1261
#: sssd-ldap.5.xml:1200
msgid "Default: 60"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:432 sssd.conf.5.xml:1198
+#: sssd.conf.5.xml:432 sssd.conf.5.xml:1250
msgid "force_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:435 sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:435 sssd.conf.5.xml:1253
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -704,41 +704,93 @@ msgid ""
"will be forced to one hour."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:480
+msgid "subdomain_inherit (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:483
+msgid ""
+"Specifies a list of configuration parameters that should be inherited by a "
+"subdomain. Please note that only selected parameters can be inherited. "
+"Currently the following options can be inherited:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:489
+msgid "ignore_group_members"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:492
+msgid "ldap_purge_cache_timeout"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:495 sssd-ldap.5.xml:1017
+msgid "ldap_use_tokengroups"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:498
+msgid "ldap_user_principal"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:503
+#, no-wrap
+msgid ""
+"subdomain_inherit = ldap_purge_cache_timeout\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:501
+msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:507 sssd.conf.5.xml:963 sssd.conf.5.xml:984
+#: sssd.conf.5.xml:1244 sssd-ldap.5.xml:1753
+msgid "Default: none"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:484
+#: sssd.conf.5.xml:515
msgid "NSS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:486
+#: sssd.conf.5.xml:517
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:491
+#: sssd.conf.5.xml:522
msgid "enum_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:494
+#: sssd.conf.5.xml:525
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:498
+#: sssd.conf.5.xml:529
msgid "Default: 120"
msgstr "Пешфарз: 120"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:503
+#: sssd.conf.5.xml:534
msgid "entry_cache_nowait_percentage (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:506
+#: sssd.conf.5.xml:537
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -746,7 +798,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:512
+#: sssd.conf.5.xml:543
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -756,7 +808,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:553
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -765,17 +817,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:561
msgid "Default: 50"
msgstr "Пешфарз: 50"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:535
+#: sssd.conf.5.xml:566
msgid "entry_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:538
+#: sssd.conf.5.xml:569
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -783,17 +835,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:544 sssd.conf.5.xml:992
+#: sssd.conf.5.xml:575 sssd.conf.5.xml:1044
msgid "Default: 15"
msgstr "Пешфарз: 15"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:549
+#: sssd.conf.5.xml:580
msgid "filter_users, filter_groups (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:552
+#: sssd.conf.5.xml:583
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -802,41 +854,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:559
+#: sssd.conf.5.xml:590
msgid "Default: root"
msgstr "Пешфарз: root"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:564
+#: sssd.conf.5.xml:595
msgid "filter_users_in_groups (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:598
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:609
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:612
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586
+#: sssd.conf.5.xml:617
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:592
+#: sssd.conf.5.xml:623
#, no-wrap
msgid ""
"fallback_homedir = /home/%u\n"
@@ -844,22 +896,23 @@ msgid ""
msgstr ""
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:590 include/override_homedir.xml:55
+#: sssd.conf.5.xml:621 sssd.conf.5.xml:978 sssd-krb5.5.xml:533
+#: include/override_homedir.xml:55
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596
+#: sssd.conf.5.xml:627
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:633
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:636
msgid ""
"Override the login shell for all users. This option supersedes any other "
"shell options if it takes effect and can be set either in the [nss] section "
@@ -867,47 +920,47 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:611
+#: sssd.conf.5.xml:642
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:617
+#: sssd.conf.5.xml:648
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:620
+#: sssd.conf.5.xml:651
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:654
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:627
+#: sssd.conf.5.xml:658
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:632
+#: sssd.conf.5.xml:663
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:637
+#: sssd.conf.5.xml:668
msgid "The wildcard (*) can be used to allow any shell."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:640
+#: sssd.conf.5.xml:671
msgid ""
"The (*) is useful if you want to use shell_fallback in case that user's "
"shell is not in <quote>/etc/shells</quote> and maintaining list of all "
@@ -915,103 +968,103 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:647
+#: sssd.conf.5.xml:678
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:650
+#: sssd.conf.5.xml:681
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:654
+#: sssd.conf.5.xml:685
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:659
+#: sssd.conf.5.xml:690
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:662
+#: sssd.conf.5.xml:693
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:667
+#: sssd.conf.5.xml:698
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:670
+#: sssd.conf.5.xml:701
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:705
msgid "Default: /bin/sh"
msgstr "Пешфарз: /bin/sh"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:679
+#: sssd.conf.5.xml:710
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:682
+#: sssd.conf.5.xml:713
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option can be specified globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:719
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:695 sssd.conf.5.xml:881
+#: sssd.conf.5.xml:726 sssd.conf.5.xml:912
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:698 sssd.conf.5.xml:884
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:915
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:707
+#: sssd.conf.5.xml:738
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710
+#: sssd.conf.5.xml:741
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:714 sssd-ldap.5.xml:706
+#: sssd.conf.5.xml:745 sssd-ldap.5.xml:706
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:719 sssd-ifp.5.xml:74
+#: sssd.conf.5.xml:750 sssd-ifp.5.xml:74
msgid "user_attributes (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:722
+#: sssd.conf.5.xml:753
msgid ""
"Some of the additional NSS responder requests can return more attributes "
"than just the POSIX ones defined by the NSS interface. The list of "
@@ -1022,72 +1075,72 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:735
+#: sssd.conf.5.xml:766
msgid ""
"To make configuration more easy the NSS responder will check the InfoPipe "
"option if it is not set for the NSS responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:740
+#: sssd.conf.5.xml:771
msgid "Default: not set, fallback to InfoPipe option"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:747
+#: sssd.conf.5.xml:778
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:749
+#: sssd.conf.5.xml:780
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:785
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:757
+#: sssd.conf.5.xml:788
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:762 sssd.conf.5.xml:775
+#: sssd.conf.5.xml:793 sssd.conf.5.xml:806
msgid "Default: 0 (No limit)"
msgstr "Пешфарз: 0 (Номаҳдуд)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:768
+#: sssd.conf.5.xml:799
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:771
+#: sssd.conf.5.xml:802
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:781
+#: sssd.conf.5.xml:812
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:784
+#: sssd.conf.5.xml:815
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:789
+#: sssd.conf.5.xml:820
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -1095,59 +1148,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:795 sssd.conf.5.xml:848
+#: sssd.conf.5.xml:826 sssd.conf.5.xml:879
msgid "Default: 5"
msgstr "Пешфарз: 5"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:832
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:835
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:809
+#: sssd.conf.5.xml:840
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:843
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:815
+#: sssd.conf.5.xml:846
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
+#: sssd.conf.5.xml:850
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:822
+#: sssd.conf.5.xml:853
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:826 sssd.8.xml:63
+#: sssd.conf.5.xml:857 sssd.8.xml:63
msgid "Default: 1"
msgstr "Пешфарз: 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:831
+#: sssd.conf.5.xml:862
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:865
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1155,7 +1208,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:840
+#: sssd.conf.5.xml:871
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1164,17 +1217,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:854
+#: sssd.conf.5.xml:885
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:857 sssd.conf.5.xml:1390
+#: sssd.conf.5.xml:888 sssd.conf.5.xml:1442
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:860
+#: sssd.conf.5.xml:891
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1182,31 +1235,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:866 sssd.conf.5.xml:1393
+#: sssd.conf.5.xml:897 sssd.conf.5.xml:1445
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:871
+#: sssd.conf.5.xml:902
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876 sssd.8.xml:79
+#: sssd.conf.5.xml:907 sssd.8.xml:79
msgid "Default: 0"
msgstr "Пешфарз: 0"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:893
+#: sssd.conf.5.xml:924
msgid "pam_trusted_users (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:896
+#: sssd.conf.5.xml:927
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAM responder. User names are resolved to UIDs at "
@@ -1214,59 +1267,75 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:902
+#: sssd.conf.5.xml:933
msgid "Default: all (All users are allowed to access the PAM responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:906
+#: sssd.conf.5.xml:937
msgid ""
"Please note that UID 0 is always allowed to access the PAM responder even in "
"case it is not in the pam_trusted_users list."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:913
+#: sssd.conf.5.xml:944
msgid "pam_public_domains (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:947
msgid ""
"Specifies the comma-separated list of domain names that are accessible even "
"to untrusted users."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:920
+#: sssd.conf.5.xml:951
msgid "Two special values for pam_public_domains option are defined:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:955
msgid ""
"all (Untrusted users are allowed to access all domains in PAM responder.)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:959
msgid ""
"none (Untrusted users are not allowed to access any domains PAM in "
"responder.)"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:932 sssd.conf.5.xml:1192 sssd-ldap.5.xml:1753
-msgid "Default: none"
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:968
+msgid "pam_account_expired_message (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:971
+msgid ""
+"If user is authenticating using SSH keys and account is expired then by "
+"default 'Permission denied' is output. This output will be changed to "
+"content of this variable if it is set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:980
+#, no-wrap
+msgid ""
+"pam_account_expired_message = Account expired, please call help desk.\n"
+" "
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:941
+#: sssd.conf.5.xml:993
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:943
+#: sssd.conf.5.xml:995
msgid ""
"These options can be used to configure the sudo service. The detailed "
"instructions for configuration of <citerefentry> <refentrytitle>sudo</"
@@ -1277,34 +1346,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:1012
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:1015
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1028
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:978
+#: sssd.conf.5.xml:1030
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1034
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:985
+#: sssd.conf.5.xml:1037
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1312,51 +1381,51 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1001
+#: sssd.conf.5.xml:1053
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1003
+#: sssd.conf.5.xml:1055
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1007
+#: sssd.conf.5.xml:1059
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1010
+#: sssd.conf.5.xml:1062
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1019
+#: sssd.conf.5.xml:1071
msgid "ssh_known_hosts_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1022
+#: sssd.conf.5.xml:1074
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1026
+#: sssd.conf.5.xml:1078
msgid "Default: 180"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1086
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1036
+#: sssd.conf.5.xml:1088
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1368,7 +1437,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1045
+#: sssd.conf.5.xml:1097
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"determined with the help of the SID, trusted domains will have UPGs and the "
@@ -1379,24 +1448,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1053
+#: sssd.conf.5.xml:1105
msgid ""
"If there are SIDs of groups from domains sssd knows about, the user will be "
"added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1111
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1063 sssd-ifp.5.xml:50
+#: sssd.conf.5.xml:1115 sssd-ifp.5.xml:50
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1066
+#: sssd.conf.5.xml:1118
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1404,12 +1473,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1072
+#: sssd.conf.5.xml:1124
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1076
+#: sssd.conf.5.xml:1128
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1418,24 +1487,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1142
msgid "DOMAIN SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1149
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1100
+#: sssd.conf.5.xml:1152
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:1157
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1444,47 +1513,47 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1112
+#: sssd.conf.5.xml:1164
msgid ""
"These ID limits affect even saving entries to cache, not only returning them "
"by name or ID."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1116
+#: sssd.conf.5.xml:1168
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1122
+#: sssd.conf.5.xml:1174
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1125
+#: sssd.conf.5.xml:1177
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1181
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1132
+#: sssd.conf.5.xml:1184
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1135 sssd.conf.5.xml:1367 sssd.conf.5.xml:1476
-#: sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1187 sssd.conf.5.xml:1419 sssd.conf.5.xml:1528
+#: sssd.conf.5.xml:1545
msgid "Default: FALSE"
msgstr "Пешфарз: FALSE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138
+#: sssd.conf.5.xml:1190
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1496,14 +1565,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1151
+#: sssd.conf.5.xml:1203
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1156
+#: sssd.conf.5.xml:1208
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1512,39 +1581,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1164
+#: sssd.conf.5.xml:1216
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1172
+#: sssd.conf.5.xml:1224
msgid "subdomain_enumerate (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1179
+#: sssd.conf.5.xml:1231
msgid "all"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1180
+#: sssd.conf.5.xml:1232
msgid "All discovered trusted domains will be enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1183
+#: sssd.conf.5.xml:1235
msgid "none"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:1236
msgid "No discovered trusted domains will be enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1175
+#: sssd.conf.5.xml:1227
msgid ""
"Whether any of autodetected trusted domains should be enumerated. The "
"supported values are: <placeholder type=\"variablelist\" id=\"0\"/> "
@@ -1553,19 +1622,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1215
+#: sssd.conf.5.xml:1267
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1218
+#: sssd.conf.5.xml:1270
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1222
+#: sssd.conf.5.xml:1274
msgid ""
"The cache expiration timestamps are stored as attributes of individual "
"objects in the cache. Therefore, changing the cache timeout only has effect "
@@ -1576,150 +1645,151 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1235
+#: sssd.conf.5.xml:1287
msgid "Default: 5400"
msgstr "Пешфарз: 5400"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1241
+#: sssd.conf.5.xml:1293
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1244
+#: sssd.conf.5.xml:1296
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248 sssd.conf.5.xml:1261 sssd.conf.5.xml:1274
-#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1300 sssd.conf.5.xml:1314
-#: sssd.conf.5.xml:1328
+#: sssd.conf.5.xml:1300 sssd.conf.5.xml:1313 sssd.conf.5.xml:1326
+#: sssd.conf.5.xml:1339 sssd.conf.5.xml:1352 sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1380
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1306
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1257
+#: sssd.conf.5.xml:1309
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1267
+#: sssd.conf.5.xml:1319
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1270
+#: sssd.conf.5.xml:1322
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1280
+#: sssd.conf.5.xml:1332
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1335
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1345
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1348
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1358
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1309
+#: sssd.conf.5.xml:1361
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1320
+#: sssd.conf.5.xml:1372
msgid "entry_cache_ssh_host_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1375
msgid ""
"How many seconds to keep a host ssh key after refresh. IE how long to cache "
"the host key for."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1334
+#: sssd.conf.5.xml:1386
msgid "refresh_expired_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1337
+#: sssd.conf.5.xml:1389
msgid ""
"Specifies how many seconds SSSD has to wait before triggering a background "
"refresh task which will refresh all expired or nearly expired records."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1342
-msgid "Currently only refreshing expired netgroups is supported."
+#: sssd.conf.5.xml:1394
+msgid ""
+"The background refresh will process users, groups and netgroups in the cache."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1398
msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350 sssd-ipa.5.xml:224
+#: sssd.conf.5.xml:1402 sssd-ipa.5.xml:224
msgid "Default: 0 (disabled)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1356
+#: sssd.conf.5.xml:1408
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1411
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1363
+#: sssd.conf.5.xml:1415
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1372
+#: sssd.conf.5.xml:1424
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1427
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1728,17 +1798,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1382
+#: sssd.conf.5.xml:1434
msgid "Default: 0 (unlimited)"
msgstr "Пешфарз: 0 (номаҳдуд)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1387
+#: sssd.conf.5.xml:1439
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1398
+#: sssd.conf.5.xml:1450
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1747,33 +1817,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1405
+#: sssd.conf.5.xml:1457
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1411
+#: sssd.conf.5.xml:1463
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1414
+#: sssd.conf.5.xml:1466
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1418
+#: sssd.conf.5.xml:1470
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1421 sssd.conf.5.xml:1539
+#: sssd.conf.5.xml:1473 sssd.conf.5.xml:1591
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1425
+#: sssd.conf.5.xml:1477
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1781,8 +1851,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433 sssd.conf.5.xml:1519 sssd.conf.5.xml:1574
-#: sssd.conf.5.xml:1627
+#: sssd.conf.5.xml:1485 sssd.conf.5.xml:1571 sssd.conf.5.xml:1626
+#: sssd.conf.5.xml:1679
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1791,8 +1861,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1442 sssd.conf.5.xml:1528 sssd.conf.5.xml:1583
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1494 sssd.conf.5.xml:1580 sssd.conf.5.xml:1635
+#: sssd.conf.5.xml:1688
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1800,19 +1870,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1505
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1508
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1461
+#: sssd.conf.5.xml:1513
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1821,7 +1891,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1521
msgid ""
"NOTE: This option has no effect on netgroup lookups due to their tendency to "
"include nested netgroups without qualified names. For netgroups, all domains "
@@ -1829,17 +1899,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1533
msgid "ignore_group_members (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1536
msgid "Do not return group members for group lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1487
+#: sssd.conf.5.xml:1539
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1847,19 +1917,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1550
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1501
+#: sssd.conf.5.xml:1553
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505 sssd.conf.5.xml:1567
+#: sssd.conf.5.xml:1557 sssd.conf.5.xml:1619
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1867,7 +1937,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1512
+#: sssd.conf.5.xml:1564
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1875,30 +1945,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1588
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1595
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1546
+#: sssd.conf.5.xml:1598
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1604
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1607
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1906,19 +1976,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1613
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1616
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1591
+#: sssd.conf.5.xml:1643
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1927,24 +1997,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1650
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1603
+#: sssd.conf.5.xml:1655
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1606
+#: sssd.conf.5.xml:1658
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1611
+#: sssd.conf.5.xml:1663
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1952,7 +2022,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1671
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1960,35 +2030,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1696
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1700
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1651
+#: sssd.conf.5.xml:1703
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1710
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1661
+#: sssd.conf.5.xml:1713
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1665
+#: sssd.conf.5.xml:1717
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1996,32 +2066,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1725
msgid ""
"<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default "
"settings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1729
msgid ""
"<quote>ad</quote> the same as <quote>ldap</quote> but with AD default "
"settings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1681
+#: sssd.conf.5.xml:1733
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1684 sssd.conf.5.xml:1762 sssd.conf.5.xml:1794
-#: sssd.conf.5.xml:1819
+#: sssd.conf.5.xml:1736 sssd.conf.5.xml:1814 sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1871
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1688
+#: sssd.conf.5.xml:1740
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -2032,12 +2102,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1757
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1760
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -2045,7 +2115,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1714
+#: sssd.conf.5.xml:1766
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2053,31 +2123,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1722
+#: sssd.conf.5.xml:1774
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1725
+#: sssd.conf.5.xml:1777
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1731
+#: sssd.conf.5.xml:1783
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1734
+#: sssd.conf.5.xml:1786
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740
+#: sssd.conf.5.xml:1792
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2085,7 +2155,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1749
+#: sssd.conf.5.xml:1801
msgid ""
"<quote>ad</quote> to load a list of subdomains from an Active Directory "
"server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> "
@@ -2094,23 +2164,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1810
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1769
+#: sssd.conf.5.xml:1821
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1772
+#: sssd.conf.5.xml:1824
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1828
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2118,7 +2188,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1783
+#: sssd.conf.5.xml:1835
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2126,24 +2196,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1843
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1853
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1804
+#: sssd.conf.5.xml:1856
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1808
+#: sssd.conf.5.xml:1860
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2151,12 +2221,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1816
+#: sssd.conf.5.xml:1868
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1829
+#: sssd.conf.5.xml:1881
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components. The \"domain\" can "
@@ -2166,7 +2236,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1838
+#: sssd.conf.5.xml:1890
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -2175,29 +2245,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1843
+#: sssd.conf.5.xml:1895
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1898
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1849
+#: sssd.conf.5.xml:1901
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1852
+#: sssd.conf.5.xml:1904
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1857
+#: sssd.conf.5.xml:1909
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -2205,7 +2275,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1863
+#: sssd.conf.5.xml:1915
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -2213,66 +2283,66 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1870
+#: sssd.conf.5.xml:1922
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1917
+#: sssd.conf.5.xml:1969
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1923
+#: sssd.conf.5.xml:1975
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1926
+#: sssd.conf.5.xml:1978
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1930
+#: sssd.conf.5.xml:1982
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1933
+#: sssd.conf.5.xml:1985
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1936
+#: sssd.conf.5.xml:1988
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1939
+#: sssd.conf.5.xml:1991
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1942
+#: sssd.conf.5.xml:1994
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1945
+#: sssd.conf.5.xml:1997
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1951
+#: sssd.conf.5.xml:2003
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1954
+#: sssd.conf.5.xml:2006
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -2280,70 +2350,70 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1960 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
-#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:239
+#: sssd.conf.5.xml:2012 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
+#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:248
msgid "Default: 6"
msgstr "Пешфарз: 6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1966
+#: sssd.conf.5.xml:2018
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1969
+#: sssd.conf.5.xml:2021
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1973
+#: sssd.conf.5.xml:2025
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1979
+#: sssd.conf.5.xml:2031
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1982
+#: sssd.conf.5.xml:2034
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1988
+#: sssd.conf.5.xml:2040
msgid "case_sensitive (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1996
+#: sssd.conf.5.xml:2048
msgid "True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1999
+#: sssd.conf.5.xml:2051
msgid "Case sensitive. This value is invalid for AD provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2005
+#: sssd.conf.5.xml:2057
msgid "False"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2007
+#: sssd.conf.5.xml:2059
msgid "Case insensitive."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2011
+#: sssd.conf.5.xml:2063
msgid "Preserving"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2014
+#: sssd.conf.5.xml:2066
msgid ""
"Same as False (case insensitive), but does not lowercase names in the result "
"of NSS operations. Note that name aliases (and in case of services also "
@@ -2351,7 +2421,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1991
+#: sssd.conf.5.xml:2043
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider. Possible option values are: "
@@ -2359,17 +2429,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2026
+#: sssd.conf.5.xml:2078
msgid "Default: True (False for AD provider)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2032
+#: sssd.conf.5.xml:2084
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2035
+#: sssd.conf.5.xml:2087
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2378,22 +2448,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2049
+#: sssd.conf.5.xml:2101
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2060
+#: sssd.conf.5.xml:2112
msgid "%F"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2061
+#: sssd.conf.5.xml:2113
msgid "flat (NetBIOS) name of a subdomain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2052
+#: sssd.conf.5.xml:2104
msgid ""
"Use this homedir as default value for all subdomains within this domain in "
"IPA AD trust. See <emphasis>override_homedir</emphasis> for info about "
@@ -2403,29 +2473,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2066
+#: sssd.conf.5.xml:2118
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2070
+#: sssd.conf.5.xml:2122
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2075
+#: sssd.conf.5.xml:2127
msgid "realmd_tags (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2078
+#: sssd.conf.5.xml:2130
msgid ""
"Various tags stored by the realmd configuration service for this domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1092
+#: sssd.conf.5.xml:1144
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2433,29 +2503,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2091
+#: sssd.conf.5.xml:2143
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2094
+#: sssd.conf.5.xml:2146
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2097
+#: sssd.conf.5.xml:2149
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2105
+#: sssd.conf.5.xml:2157
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2108
+#: sssd.conf.5.xml:2160
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2463,19 +2533,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2087
+#: sssd.conf.5.xml:2139
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:2120
+#: sssd.conf.5.xml:2172
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:2122
+#: sssd.conf.5.xml:2174
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2483,73 +2553,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2129
+#: sssd.conf.5.xml:2181
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2132
+#: sssd.conf.5.xml:2184
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2136
+#: sssd.conf.5.xml:2188
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2141
+#: sssd.conf.5.xml:2193
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2144
+#: sssd.conf.5.xml:2196
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2149
+#: sssd.conf.5.xml:2201
msgid "Default: <filename>/home</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2154
+#: sssd.conf.5.xml:2206
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2157
+#: sssd.conf.5.xml:2209
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2173
+#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2225
msgid "Default: TRUE"
msgstr "Пешфарз: TRUE"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2166
+#: sssd.conf.5.xml:2218
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2169
+#: sssd.conf.5.xml:2221
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2178
+#: sssd.conf.5.xml:2230
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2181
+#: sssd.conf.5.xml:2233
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2557,17 +2627,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2189
+#: sssd.conf.5.xml:2241
msgid "Default: 077"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2194
+#: sssd.conf.5.xml:2246
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2197
+#: sssd.conf.5.xml:2249
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2576,17 +2646,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2207
+#: sssd.conf.5.xml:2259
msgid "Default: <filename>/etc/skel</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2212
+#: sssd.conf.5.xml:2264
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2215
+#: sssd.conf.5.xml:2267
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2594,17 +2664,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2222
+#: sssd.conf.5.xml:2274
msgid "Default: <filename>/var/mail</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2227
+#: sssd.conf.5.xml:2279
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2230
+#: sssd.conf.5.xml:2282
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2612,19 +2682,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2236
+#: sssd.conf.5.xml:2288
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:2246 sssd-ldap.5.xml:2518 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:519
+#: sssd.conf.5.xml:2298 sssd-ldap.5.xml:2569 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:564
#: sss_rpcidmapd.5.xml:98
msgid "EXAMPLE"
msgstr "НАМУНА"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:2252
+#: sssd.conf.5.xml:2304
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2654,7 +2724,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2248
+#: sssd.conf.5.xml:2300
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -3493,7 +3563,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:738 sssd-ldap.5.xml:831 sssd-ldap.5.xml:1058
-#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2102 sssd-ldap.5.xml:2441
+#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2153 sssd-ldap.5.xml:2492
#: sssd-ipa.5.xml:591
msgid "Default: cn"
msgstr ""
@@ -3774,11 +3844,6 @@ msgid ""
"dealing with complex or deep nested groups)."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1017
-msgid "ldap_use_tokengroups"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1020
msgid ""
@@ -4013,7 +4078,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2259
+#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2310
msgid "Default: 900 (15 minutes)"
msgstr ""
@@ -4464,7 +4529,7 @@ msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:453
+#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:462
msgid "krb5_canonicalize (boolean)"
msgstr ""
@@ -4476,12 +4541,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:468
+#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:477
msgid "krb5_use_kdcinfo (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:471
+#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:480
msgid ""
"Specifies if the SSSD should instruct the Kerberos libraries what realm and "
"which KDCs to use. This option is on by default, if you disable it, you need "
@@ -4491,7 +4556,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:482
+#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:491
msgid ""
"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
@@ -4759,40 +4824,93 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1958
+msgid ""
+"<emphasis> Please note that this option is superseded by the <quote>ppolicy</"
+"quote> option and might be removed in a future release. </emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1965
+msgid ""
+"<emphasis>ppolicy</emphasis>: use account locking. If set, this option "
+"denies access in case that ldap attribute 'pwdAccountLockedTime' is present "
+"and has value of '000001010000Z' or represents any time in the past. The "
+"value of the 'pwdAccountLockedTime' attribute must end with 'Z', which "
+"denotes the UTC time zone. Other time zones are not currently supported and "
+"will result in \"access-denied\" when users attempt to log in. Please see "
+"the option ldap_pwdlockout_dn. Please note that 'access_provider = ldap' "
+"must be set for this feature to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1982
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1962
+#: sssd-ldap.5.xml:1986
+msgid ""
+"<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, "
+"pwd_expire_policy_renew: </emphasis> These options are useful if users are "
+"interested in being warned that password is about to expire and "
+"authentication is based on using a different method than passwords - for "
+"example SSH keys."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1996
+msgid ""
+"The difference between these options is the action taken if user password is "
+"expired: pwd_expire_policy_reject - user is denied to log in, "
+"pwd_expire_policy_warn - user is still able to log in, "
+"pwd_expire_policy_renew - user is prompted to change his password "
+"immediately."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2004
+msgid ""
+"Note If user password is expired no explicit message is prompted by SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2008
+msgid ""
+"Please note that 'access_provider = ldap' must be set for this feature to "
+"work. Also 'ldap_pwd_policy' must be set to an appropriate password policy."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2013
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2018
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1971
+#: sssd-ldap.5.xml:2022
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1974
+#: sssd-ldap.5.xml:2025
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1981
+#: sssd-ldap.5.xml:2032
msgid "ldap_pwdlockout_dn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2035
msgid ""
"This option specifies the DN of password policy entry on LDAP server. Please "
"note that absence of this option in sssd.conf in case of enabled account "
@@ -4801,74 +4919,74 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1992
+#: sssd-ldap.5.xml:2043
msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1995
+#: sssd-ldap.5.xml:2046
msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2001
+#: sssd-ldap.5.xml:2052
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2004
+#: sssd-ldap.5.xml:2055
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2009
+#: sssd-ldap.5.xml:2060
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013
+#: sssd-ldap.5.xml:2064
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018
+#: sssd-ldap.5.xml:2069
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2023
+#: sssd-ldap.5.xml:2074
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2028
+#: sssd-ldap.5.xml:2079
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2036
+#: sssd-ldap.5.xml:2087
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2039
+#: sssd-ldap.5.xml:2090
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2094
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -4879,7 +4997,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2054
+#: sssd-ldap.5.xml:2105
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -4897,12 +5015,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2070
+#: sssd-ldap.5.xml:2121
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2123
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -4910,208 +5028,208 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2083
+#: sssd-ldap.5.xml:2134
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2086
+#: sssd-ldap.5.xml:2137
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2089
+#: sssd-ldap.5.xml:2140
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2095
+#: sssd-ldap.5.xml:2146
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2098
+#: sssd-ldap.5.xml:2149
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2108
+#: sssd-ldap.5.xml:2159
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2111
+#: sssd-ldap.5.xml:2162
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2166
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2172
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2124
+#: sssd-ldap.5.xml:2175
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2129
+#: sssd-ldap.5.xml:2180
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2186
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2138
+#: sssd-ldap.5.xml:2189
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2193
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2148
+#: sssd-ldap.5.xml:2199
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2202
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2155
+#: sssd-ldap.5.xml:2206
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2161
+#: sssd-ldap.5.xml:2212
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2215
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2168
+#: sssd-ldap.5.xml:2219
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2174
+#: sssd-ldap.5.xml:2225
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2228
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2181
+#: sssd-ldap.5.xml:2232
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2187
+#: sssd-ldap.5.xml:2238
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2241
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194
+#: sssd-ldap.5.xml:2245
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2200
+#: sssd-ldap.5.xml:2251
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2203
+#: sssd-ldap.5.xml:2254
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2259
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2214
+#: sssd-ldap.5.xml:2265
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2217
+#: sssd-ldap.5.xml:2268
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2221
+#: sssd-ldap.5.xml:2272
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2227
+#: sssd-ldap.5.xml:2278
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2230
+#: sssd-ldap.5.xml:2281
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2235
+#: sssd-ldap.5.xml:2286
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2240
+#: sssd-ldap.5.xml:2291
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2246
+#: sssd-ldap.5.xml:2297
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2249
+#: sssd-ldap.5.xml:2300
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -5119,101 +5237,101 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2255
+#: sssd-ldap.5.xml:2306
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2265
+#: sssd-ldap.5.xml:2316
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2268
+#: sssd-ldap.5.xml:2319
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2279
+#: sssd-ldap.5.xml:2330
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2333
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2287
+#: sssd-ldap.5.xml:2338
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2292 sssd-ldap.5.xml:2315 sssd-ldap.5.xml:2333
-#: sssd-ldap.5.xml:2351
+#: sssd-ldap.5.xml:2343 sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2402
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2320
+#: sssd-ldap.5.xml:2348 sssd-ldap.5.xml:2371
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2303
+#: sssd-ldap.5.xml:2354
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2306
+#: sssd-ldap.5.xml:2357
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2311
+#: sssd-ldap.5.xml:2362
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2326
+#: sssd-ldap.5.xml:2377
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2329
+#: sssd-ldap.5.xml:2380
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2344
+#: sssd-ldap.5.xml:2395
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2347
+#: sssd-ldap.5.xml:2398
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2363
+#: sssd-ldap.5.xml:2414
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -5222,91 +5340,91 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2373
+#: sssd-ldap.5.xml:2424
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2375
+#: sssd-ldap.5.xml:2426
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2381
+#: sssd-ldap.5.xml:2432
msgid "ldap_autofs_map_master_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2435
msgid "The name of the automount master map in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2387
+#: sssd-ldap.5.xml:2438
msgid "Default: auto.master"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2394
+#: sssd-ldap.5.xml:2445
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2397 sssd-ldap.5.xml:2423
+#: sssd-ldap.5.xml:2448 sssd-ldap.5.xml:2474
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2400 sssd-ldap.5.xml:2427
+#: sssd-ldap.5.xml:2451 sssd-ldap.5.xml:2478
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2407
+#: sssd-ldap.5.xml:2458
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2410
+#: sssd-ldap.5.xml:2461
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2413
+#: sssd-ldap.5.xml:2464
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2420
+#: sssd-ldap.5.xml:2471
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2434
+#: sssd-ldap.5.xml:2485
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2437 sssd-ldap.5.xml:2451
+#: sssd-ldap.5.xml:2488 sssd-ldap.5.xml:2502
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2448
+#: sssd-ldap.5.xml:2499
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2455
+#: sssd-ldap.5.xml:2506
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2379
+#: sssd-ldap.5.xml:2430
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -5315,32 +5433,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2465
+#: sssd-ldap.5.xml:2516
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2472
+#: sssd-ldap.5.xml:2523
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2477
+#: sssd-ldap.5.xml:2528
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2482
+#: sssd-ldap.5.xml:2533
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note>
-#: sssd-ldap.5.xml:2487
+#: sssd-ldap.5.xml:2538
msgid "<note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para>
-#: sssd-ldap.5.xml:2489
+#: sssd-ldap.5.xml:2540
msgid ""
"If the option <quote>ldap_use_tokengroups</quote> is enabled. The searches "
"against Active Directory will not be restricted and return all groups "
@@ -5349,22 +5467,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist>
-#: sssd-ldap.5.xml:2496
+#: sssd-ldap.5.xml:2547
msgid "</note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2498
+#: sssd-ldap.5.xml:2549
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2503
+#: sssd-ldap.5.xml:2554
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2467
+#: sssd-ldap.5.xml:2518
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -5373,7 +5491,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2520
+#: sssd-ldap.5.xml:2571
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -5381,7 +5499,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2526
+#: sssd-ldap.5.xml:2577
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5394,26 +5512,26 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2525 sssd-ldap.5.xml:2543 sssd-simple.5.xml:139
+#: sssd-ldap.5.xml:2576 sssd-ldap.5.xml:2594 sssd-simple.5.xml:139
#: sssd-ipa.5.xml:726 sssd-ad.5.xml:851 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98
-#: sssd-krb5.5.xml:528 include/ldap_id_mapping.xml:105
+#: sssd-krb5.5.xml:573 include/ldap_id_mapping.xml:105
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2537
+#: sssd-ldap.5.xml:2588
msgid "LDAP ACCESS FILTER EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2539
+#: sssd-ldap.5.xml:2590
msgid ""
"The following example assumes that SSSD is correctly configured and to use "
"the ldap_access_order=lockout."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2544
+#: sssd-ldap.5.xml:2595
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5429,13 +5547,13 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2559 sssd_krb5_locator_plugin.8.xml:61
+#: sssd-ldap.5.xml:2610 sssd_krb5_locator_plugin.8.xml:61
#: sssd-simple.5.xml:148 sssd-ad.5.xml:866 sssd.8.xml:195 sss_seed.8.xml:163
msgid "NOTES"
msgstr "ЭЗОҲҲО"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2561
+#: sssd-ldap.5.xml:2612
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -6195,7 +6313,7 @@ msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:245
+#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:254
msgid "krb5_validate (boolean)"
msgstr ""
@@ -6236,12 +6354,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:407
+#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:416
msgid "krb5_use_fast (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:410
+#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:419
msgid ""
"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
"authentication. The following options are supported:"
@@ -6261,7 +6379,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:424
+#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:433
msgid ""
"<emphasis>demand</emphasis> to use FAST. The authentication fails if the "
"server does not require fast."
@@ -6273,7 +6391,7 @@ msgid "Default: try"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:435
+#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:444
msgid ""
"NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If "
"SSSD is used with an older version of MIT Kerberos, using this option is a "
@@ -7357,12 +7475,12 @@ msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:797 sssd-krb5.5.xml:496
+#: sssd-ad.5.xml:797 sssd-krb5.5.xml:505
msgid "krb5_use_enterprise_principal (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:800 sssd-krb5.5.xml:499
+#: sssd-ad.5.xml:800 sssd-krb5.5.xml:508
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
@@ -8305,16 +8423,24 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:225
+msgid ""
+"NOTE: Please be aware that libkrb5 ccache expansion template from "
+"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> uses different expansion sequences than SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:234
msgid "Default: (from libkrb5)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:231
+#: sssd-krb5.5.xml:240
msgid "krb5_auth_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:234
+#: sssd-krb5.5.xml:243
msgid ""
"Timeout in seconds after an online authentication request or change password "
"request is aborted. If possible, the authentication request is continued "
@@ -8322,7 +8448,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:248
+#: sssd-krb5.5.xml:257
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed. The keytab is checked for entries sequentially, and the first entry "
@@ -8333,36 +8459,36 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:263
+#: sssd-krb5.5.xml:272
msgid "krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:275
msgid ""
"The location of the keytab to use when validating credentials obtained from "
"KDCs."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:270
+#: sssd-krb5.5.xml:279
msgid "Default: /etc/krb5.keytab"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:276
+#: sssd-krb5.5.xml:285
msgid "krb5_store_password_if_offline (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:279
+#: sssd-krb5.5.xml:288
msgid ""
"Store the password of the user if the provider is offline and use it to "
"request a TGT when the provider comes online again."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:284
+#: sssd-krb5.5.xml:293
msgid ""
"NOTE: this feature is only available on Linux. Passwords stored in this way "
"are kept in plaintext in the kernel keyring and are potentially accessible "
@@ -8370,91 +8496,91 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:297
+#: sssd-krb5.5.xml:306
msgid "krb5_renewable_lifetime (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:300
+#: sssd-krb5.5.xml:309
msgid ""
"Request a renewable ticket with a total lifetime, given as an integer "
"immediately followed by a time unit:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:305 sssd-krb5.5.xml:339 sssd-krb5.5.xml:376
+#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
msgid "<emphasis>s</emphasis> for seconds"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:308 sssd-krb5.5.xml:342 sssd-krb5.5.xml:379
+#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:351 sssd-krb5.5.xml:388
msgid "<emphasis>m</emphasis> for minutes"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:311 sssd-krb5.5.xml:345 sssd-krb5.5.xml:382
+#: sssd-krb5.5.xml:320 sssd-krb5.5.xml:354 sssd-krb5.5.xml:391
msgid "<emphasis>h</emphasis> for hours"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
+#: sssd-krb5.5.xml:323 sssd-krb5.5.xml:357 sssd-krb5.5.xml:394
msgid "<emphasis>d</emphasis> for days."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:388
+#: sssd-krb5.5.xml:326 sssd-krb5.5.xml:397
msgid "If there is no unit given, <emphasis>s</emphasis> is assumed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:321 sssd-krb5.5.xml:392
+#: sssd-krb5.5.xml:330 sssd-krb5.5.xml:401
msgid ""
"NOTE: It is not possible to mix units. To set the renewable lifetime to one "
"and a half hours, use '90m' instead of '1h30m'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:326
+#: sssd-krb5.5.xml:335
msgid "Default: not set, i.e. the TGT is not renewable"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:332
+#: sssd-krb5.5.xml:341
msgid "krb5_lifetime (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:335
+#: sssd-krb5.5.xml:344
msgid ""
"Request ticket with a lifetime, given as an integer immediately followed by "
"a time unit:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:351
+#: sssd-krb5.5.xml:360
msgid "If there is no unit given <emphasis>s</emphasis> is assumed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:355
+#: sssd-krb5.5.xml:364
msgid ""
"NOTE: It is not possible to mix units. To set the lifetime to one and a "
"half hours please use '90m' instead of '1h30m'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:360
+#: sssd-krb5.5.xml:369
msgid ""
"Default: not set, i.e. the default ticket lifetime configured on the KDC."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:367
+#: sssd-krb5.5.xml:376
msgid "krb5_renew_interval (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:370
+#: sssd-krb5.5.xml:379
msgid ""
"The time in seconds between two checks if the TGT should be renewed. TGTs "
"are renewed if about half of their lifetime is exceeded, given as an integer "
@@ -8462,56 +8588,89 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:397
+#: sssd-krb5.5.xml:406
msgid "If this option is not set or is 0 the automatic renewal is disabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:415
+#: sssd-krb5.5.xml:424
msgid ""
"<emphasis>never</emphasis> use FAST. This is equivalent to not setting this "
"option at all."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:419
+#: sssd-krb5.5.xml:428
msgid ""
"<emphasis>try</emphasis> to use FAST. If the server does not support FAST, "
"continue the authentication without it."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:429
+#: sssd-krb5.5.xml:438
msgid "Default: not set, i.e. FAST is not used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:432
+#: sssd-krb5.5.xml:441
msgid "NOTE: a keytab is required to use FAST."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:444
+#: sssd-krb5.5.xml:453
msgid "krb5_fast_principal (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:447
+#: sssd-krb5.5.xml:456
msgid "Specifies the server principal to use for FAST."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:456
+#: sssd-krb5.5.xml:465
msgid ""
"Specifies if the host and user principal should be canonicalized. This "
"feature is available with MIT Kerberos 1.7 and later versions."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:505
+#: sssd-krb5.5.xml:514
msgid "Default: false (AD provider: true)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:520
+msgid "krb5_map_user (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:523
+msgid ""
+"The list of mappings is given as a comma-separated list of pairs "
+"<quote>username:primary</quote> where <quote>username</quote> is a UNIX user "
+"name and <quote>primary</quote> is a user part of a kerberos principal. This "
+"mapping is used when user is authenticating using <quote>auth_provider = "
+"krb5</quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-krb5.5.xml:535
+#, no-wrap
+msgid ""
+"krb5_realm = REALM\n"
+"krb5_map_user = joe:juser,dick:richard\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:540
+msgid ""
+"<quote>joe</quote> and <quote>dick</quote> are UNIX user names and "
+"<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos "
+"principals. For user <quote>joe</quote> resp. <quote>dick</quote> SSSD will "
+"try to kinit as <quote>juser@REALM</quote> resp. <quote>richard@REALM</"
+"quote>."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:65
msgid ""
@@ -8523,7 +8682,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:521
+#: sssd-krb5.5.xml:566
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -8532,7 +8691,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:529
+#: sssd-krb5.5.xml:574
#, no-wrap
msgid ""
" [domain/FOO]\n"
diff --git a/src/man/po/uk.po b/src/man/po/uk.po
index 57cc251a8..0af127a77 100644
--- a/src/man/po/uk.po
+++ b/src/man/po/uk.po
@@ -6,12 +6,13 @@
# sgallagh <sgallagh@redhat.com>, 2011
# Yuri Chornoivan <yurchor@ukr.net>, 2011-2014
# Yuri Chornoivan <yurchor@ukr.net>, 2013
+# Yuri Chornoivan <yurchor@ukr.net>, 2015. #zanata
msgid ""
msgstr ""
"Project-Id-Version: sssd-docs 1.12.2\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2015-02-18 16:52+0100\n"
-"PO-Revision-Date: 2014-06-23 12:22-0400\n"
+"POT-Creation-Date: 2015-06-12 10:36+0200\n"
+"PO-Revision-Date: 2015-03-15 04:52-0400\n"
"Last-Translator: Yuri Chornoivan <yurchor@ukr.net>\n"
"Language-Team: Ukrainian (http://www.transifex.com/projects/p/sssd/language/"
"uk/)\n"
@@ -21,7 +22,7 @@ msgstr ""
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n"
"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#. type: Content of: <reference><title>
#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5
@@ -262,11 +263,11 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:81 sssd.conf.5.xml:571 sssd.conf.5.xml:1014
+#: sssd.conf.5.xml:81 sssd.conf.5.xml:602 sssd.conf.5.xml:1066
#: sssd-ldap.5.xml:1625 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1784
-#: sssd-ldap.5.xml:2273 sssd-ldap.5.xml:2338 sssd-ldap.5.xml:2356
+#: sssd-ldap.5.xml:2324 sssd-ldap.5.xml:2389 sssd-ldap.5.xml:2407
#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:413 sssd-ad.5.xml:166 sssd-ad.5.xml:264
-#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:490
+#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:499
msgid "Default: true"
msgstr "Типове значення: true"
@@ -283,16 +284,16 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:94 sssd.conf.5.xml:968 sssd.conf.5.xml:2043
+#: sssd.conf.5.xml:94 sssd.conf.5.xml:1020 sssd.conf.5.xml:2095
#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1499 sssd-ldap.5.xml:1518
-#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2060 sssd-ipa.5.xml:139
-#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:257
-#: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462
+#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2111 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471
msgid "Default: false"
msgstr "Типове значення: false"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2081
+#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2132
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr "<placeholder type=\"variablelist\" id=\"0\"/>"
@@ -331,7 +332,7 @@ msgid "The [sssd] section"
msgstr "Розділ [sssd]"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:137 sssd.conf.5.xml:2127
+#: sssd.conf.5.xml:137 sssd.conf.5.xml:2179
msgid "Section parameters"
msgstr "Параметри розділу"
@@ -424,7 +425,7 @@ msgstr ""
"ASCII, дефісів та знаків підкреслювання."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:193 sssd.conf.5.xml:1826
+#: sssd.conf.5.xml:193 sssd.conf.5.xml:1878
msgid "re_expression (string)"
msgstr "re_expression (рядок)"
@@ -450,12 +451,12 @@ msgstr ""
"ДОМЕНІВ."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:210 sssd.conf.5.xml:1877
+#: sssd.conf.5.xml:210 sssd.conf.5.xml:1929
msgid "full_name_format (string)"
msgstr "full_name_format (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:213 sssd.conf.5.xml:1880
+#: sssd.conf.5.xml:213 sssd.conf.5.xml:1932
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to compose a "
@@ -467,32 +468,32 @@ msgstr ""
"домену."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:224 sssd.conf.5.xml:1891
+#: sssd.conf.5.xml:224 sssd.conf.5.xml:1943
msgid "%1$s"
msgstr "%1$s"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225 sssd.conf.5.xml:1892
+#: sssd.conf.5.xml:225 sssd.conf.5.xml:1944
msgid "user name"
msgstr "ім’я користувача"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:228 sssd.conf.5.xml:1895
+#: sssd.conf.5.xml:228 sssd.conf.5.xml:1947
msgid "%2$s"
msgstr "%2$s"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:231 sssd.conf.5.xml:1898
+#: sssd.conf.5.xml:231 sssd.conf.5.xml:1950
msgid "domain name as specified in the SSSD config file."
msgstr "назва домену у форматі, вказаному у файлі налаштувань SSSD."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:237 sssd.conf.5.xml:1904
+#: sssd.conf.5.xml:237 sssd.conf.5.xml:1956
msgid "%3$s"
msgstr "%3$s"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:240 sssd.conf.5.xml:1907
+#: sssd.conf.5.xml:240 sssd.conf.5.xml:1959
msgid ""
"domain flat name. Mostly usable for Active Directory domains, both directly "
"configured or discovered via IPA trusts."
@@ -501,7 +502,7 @@ msgstr ""
"Directory, налаштованих та автоматично виявлених за зв’язками довіри IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221 sssd.conf.5.xml:1888
+#: sssd.conf.5.xml:221 sssd.conf.5.xml:1940
msgid ""
"The following expansions are supported: <placeholder type=\"variablelist\" "
"id=\"0\"/>"
@@ -615,9 +616,9 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:312
#, fuzzy
-#| msgid "Default: not set, i.e. FAST is not used."
+#| msgid "Default: not set (spaces will not be replaced)"
msgid "Default: not set, process will run as root"
-msgstr "Типове значення: не встановлено, тобто FAST не використовується."
+msgstr "Типове значення: не встановлено (пробіли не замінятимуться)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:317
@@ -653,15 +654,15 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:336 sssd-ldap.5.xml:663 sssd-ldap.5.xml:1458
#: sssd-ldap.5.xml:1470 sssd-ldap.5.xml:1552 sssd-ad.5.xml:557
-#: sssd-ad.5.xml:627 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203
-#: include/ldap_id_mapping.xml:214
+#: sssd-ad.5.xml:627 sssd-krb5.5.xml:410 sssd-krb5.5.xml:550
+#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214
msgid "Default: not set"
msgstr "Типове значення: not set"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:341
msgid "override_space (string)"
-msgstr ""
+msgstr "override_space (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:344
@@ -672,6 +673,11 @@ msgid ""
"scripts that have difficulty handling spaces, due to the default field "
"separator in the shell."
msgstr ""
+"За допомогою цього параметра можна змінити пробіли у іменах користувачів та "
+"назвах груп вказаним симовлом, наприклад _. Ім’я користувача «john doe» буде "
+"перетворено на «john_doe». Цю можливість було додано для сумісності із "
+"скриптами командної оболонки, у яких виникають проблеми із обробкою пробілів "
+"через типовий роздільник полів у оболонці."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:353
@@ -681,11 +687,15 @@ msgid ""
"character SSSD tries to return the unmodified name but in general the result "
"of a lookup is undefined."
msgstr ""
+"Будь ласка, зауважте, що використання символу-замінника, який може бути "
+"використано у іменах користувачів і назвах груп, є помилкою у налаштуваннях. "
+"Якщо назва містить символ-замінник, SSSD спробує повернути незмінену назву, "
+"але, загалом, результат пошуку буде невизначеним."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:361
msgid "Default: not set (spaces will not be replaced)"
-msgstr ""
+msgstr "Типове значення: не встановлено (пробіли не замінятимуться)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sssd.conf.5.xml:130
@@ -776,18 +786,18 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:427 sssd.conf.5.xml:443 sssd.conf.5.xml:475
-#: sssd.conf.5.xml:702 sssd.conf.5.xml:888 sssd.conf.5.xml:1209
+#: sssd.conf.5.xml:733 sssd.conf.5.xml:919 sssd.conf.5.xml:1261
#: sssd-ldap.5.xml:1200
msgid "Default: 60"
msgstr "Типове значення: 60"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:432 sssd.conf.5.xml:1198
+#: sssd.conf.5.xml:432 sssd.conf.5.xml:1250
msgid "force_timeout (integer)"
msgstr "force_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:435 sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:435 sssd.conf.5.xml:1253
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -814,11 +824,15 @@ msgid ""
"back online will increase based upon the time spent disconnected. This "
"value is in seconds and calculated by the following:"
msgstr ""
+"Коли SSSD перемикається на автономний режим роботи, час, який має минути, "
+"перш ніж буде здійснено спробу повернутися до режиму у мережі, "
+"збільшуватиметься, відповідно до часу, проведеного у режимі від’єднання. Це "
+"значення вказується у секундах і обчислюється за такою формулою:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:458
msgid "offline_timeout + random_offset"
-msgstr ""
+msgstr "час_очікування_для_переходу_у_автономний_режим + випадковий_зсув"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:461
@@ -826,11 +840,14 @@ msgid ""
"The random offset can increment up to 30 seconds. After each unsuccessful "
"attempt to go online, the new interval is recalculated by the following:"
msgstr ""
+"Випадковий зсув може збільшувати час на інтервал до 30 секунд. Після кожної "
+"невдалої спроби переходу до режиму у мережі новий інтервал часу обчислюється "
+"таким чином:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:466
msgid "new_interval = old_interval*2 + random_offset"
-msgstr ""
+msgstr "новий_інтервал = старий_інтервал*2 + випадковий_зсув"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:469
@@ -839,14 +856,84 @@ msgid ""
"hour. If the calculated length of new_interval is greater than an hour, it "
"will be forced to one hour."
msgstr ""
+"Зауважте, що максимальна тривалість кожного з інтервалів у поточній версії "
+"обмежено однією годиною. Якщо обчислена тривалість нового інтервалу "
+"перевищує годину, буде встановлено інтервал у одну годину."
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:480
+#, fuzzy
+#| msgid "subdomain_enumerate (string)"
+msgid "subdomain_inherit (string)"
+msgstr "subdomain_enumerate (рядок)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:483
+msgid ""
+"Specifies a list of configuration parameters that should be inherited by a "
+"subdomain. Please note that only selected parameters can be inherited. "
+"Currently the following options can be inherited:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:489
+#, fuzzy
+#| msgid "ignore_group_members (bool)"
+msgid "ignore_group_members"
+msgstr "ignore_group_members (булеве значення)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:492
+#, fuzzy
+#| msgid "ldap_purge_cache_timeout (integer)"
+msgid "ldap_purge_cache_timeout"
+msgstr "ldap_purge_cache_timeout (ціле число)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:495 sssd-ldap.5.xml:1017
+msgid "ldap_use_tokengroups"
+msgstr "ldap_use_tokengroups"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:498
+#, fuzzy
+#| msgid "ldap_user_principal (string)"
+msgid "ldap_user_principal"
+msgstr "ldap_user_principal (рядок)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:503
+#, fuzzy, no-wrap
+#| msgid ""
+#| "fallback_homedir = /home/%u\n"
+#| " "
+msgid ""
+"subdomain_inherit = ldap_purge_cache_timeout\n"
+" "
+msgstr ""
+"fallback_homedir = /home/%u\n"
+" "
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:501
+#, fuzzy
+#| msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr "приклад: <placeholder type=\"programlisting\" id=\"0\"/>"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:507 sssd.conf.5.xml:963 sssd.conf.5.xml:984
+#: sssd.conf.5.xml:1244 sssd-ldap.5.xml:1753
+msgid "Default: none"
+msgstr "Типове значення: none"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:484
+#: sssd.conf.5.xml:515
msgid "NSS configuration options"
msgstr "Параметри налаштування NSS"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:486
+#: sssd.conf.5.xml:517
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
@@ -854,12 +941,12 @@ msgstr ""
"Switch (NSS або перемикання служби визначення назв)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:491
+#: sssd.conf.5.xml:522
msgid "enum_cache_timeout (integer)"
msgstr "enum_cache_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:494
+#: sssd.conf.5.xml:525
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
@@ -868,17 +955,17 @@ msgstr ""
"кеші nss_sss у секундах"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:498
+#: sssd.conf.5.xml:529
msgid "Default: 120"
msgstr "Типове значення: 120"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:503
+#: sssd.conf.5.xml:534
msgid "entry_cache_nowait_percentage (integer)"
msgstr "entry_cache_nowait_percentage (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:506
+#: sssd.conf.5.xml:537
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -889,7 +976,7 @@ msgstr ""
"entry_cache_timeout для домену період часу."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:512
+#: sssd.conf.5.xml:543
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -904,7 +991,7 @@ msgstr ""
"розблокування після оновлення кешу."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:553
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -918,17 +1005,17 @@ msgstr ""
"можливість."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:561
msgid "Default: 50"
msgstr "Типове значення: 50"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:535
+#: sssd.conf.5.xml:566
msgid "entry_negative_timeout (integer)"
msgstr "entry_negative_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:538
+#: sssd.conf.5.xml:569
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -939,17 +1026,17 @@ msgstr ""
"даних, зокрема неіснуючих) перед повторним запитом до сервера обробки."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:544 sssd.conf.5.xml:992
+#: sssd.conf.5.xml:575 sssd.conf.5.xml:1044
msgid "Default: 15"
msgstr "Типове значення: 15"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:549
+#: sssd.conf.5.xml:580
msgid "filter_users, filter_groups (string)"
msgstr "filter_users, filter_groups (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:552
+#: sssd.conf.5.xml:583
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -963,17 +1050,17 @@ msgstr ""
"списку користувачами лише з певного домену."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:559
+#: sssd.conf.5.xml:590
msgid "Default: root"
msgstr "Типове значення: root"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:564
+#: sssd.conf.5.xml:595
msgid "filter_users_in_groups (bool)"
msgstr "filter_users_in_groups (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:598
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
@@ -981,12 +1068,12 @@ msgstr ""
"встановіть для цього параметра значення «false»."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:609
msgid "fallback_homedir (string)"
msgstr "fallback_homedir (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:612
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
@@ -995,7 +1082,7 @@ msgstr ""
"каталог не вказано явним чином засобом надання даних домену."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586
+#: sssd.conf.5.xml:617
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
@@ -1003,7 +1090,7 @@ msgstr ""
"для параметра override_homedir."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:592
+#: sssd.conf.5.xml:623
#, no-wrap
msgid ""
"fallback_homedir = /home/%u\n"
@@ -1013,24 +1100,25 @@ msgstr ""
" "
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:590 include/override_homedir.xml:55
+#: sssd.conf.5.xml:621 sssd.conf.5.xml:978 sssd-krb5.5.xml:533
+#: include/override_homedir.xml:55
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "приклад: <placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596
+#: sssd.conf.5.xml:627
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
"Типове значення: не встановлено (без замін для невстановлених домашніх "
"каталогів)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:633
msgid "override_shell (string)"
msgstr "override_shell (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:636
msgid ""
"Override the login shell for all users. This option supersedes any other "
"shell options if it takes effect and can be set either in the [nss] section "
@@ -1042,19 +1130,19 @@ msgstr ""
"або для кожного з доменів окремо."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:611
+#: sssd.conf.5.xml:642
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
"Типове значення: не встановлено (SSSD використовуватиме значення, отримане "
"від LDAP)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:617
+#: sssd.conf.5.xml:648
msgid "allowed_shells (string)"
msgstr "allowed_shells (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:620
+#: sssd.conf.5.xml:651
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
@@ -1062,13 +1150,13 @@ msgstr ""
"визначення оболонки є таким:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:654
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
"1. Якщо оболонку вказано у <quote>/etc/shells</quote>, її буде використано."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:627
+#: sssd.conf.5.xml:658
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
@@ -1078,7 +1166,7 @@ msgstr ""
"shell_fallback."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:632
+#: sssd.conf.5.xml:663
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
@@ -1087,14 +1175,14 @@ msgstr ""
"<quote>/etc/shells</quote>, буде використано оболонку nologin."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:637
+#: sssd.conf.5.xml:668
#, fuzzy
#| msgid "These options can be used to configure any service."
msgid "The wildcard (*) can be used to allow any shell."
msgstr "Цими параметрами можна скористатися для налаштування будь-яких служб."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:640
+#: sssd.conf.5.xml:671
msgid ""
"The (*) is useful if you want to use shell_fallback in case that user's "
"shell is not in <quote>/etc/shells</quote> and maintaining list of all "
@@ -1102,12 +1190,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:647
+#: sssd.conf.5.xml:678
msgid "An empty string for shell is passed as-is to libc."
msgstr "Порожній рядок оболонки буде передано без обробки до libc."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:650
+#: sssd.conf.5.xml:681
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
@@ -1116,29 +1204,29 @@ msgstr ""
"тобто у разі встановлення нової оболонки слід перезапустити SSSD."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:654
+#: sssd.conf.5.xml:685
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
"Типове значення: не встановлено. Автоматично використовується оболонка "
"користувача."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:659
+#: sssd.conf.5.xml:690
msgid "vetoed_shells (string)"
msgstr "vetoed_shells (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:662
+#: sssd.conf.5.xml:693
msgid "Replace any instance of these shells with the shell_fallback"
msgstr "Замінити всі записи цих оболонок на shell_fallback"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:667
+#: sssd.conf.5.xml:698
msgid "shell_fallback (string)"
msgstr "shell_fallback (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:670
+#: sssd.conf.5.xml:701
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
@@ -1146,17 +1234,17 @@ msgstr ""
"системі не встановлено."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:705
msgid "Default: /bin/sh"
msgstr "Типове значення: /bin/sh"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:679
+#: sssd.conf.5.xml:710
msgid "default_shell"
msgstr "default_shell"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:682
+#: sssd.conf.5.xml:713
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option can be specified globally in the [nss] section or per-domain."
@@ -1166,7 +1254,7 @@ msgstr ""
"або на загальному рівні у розділі [nss], або окремо для кожного з доменів."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:719
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
@@ -1176,12 +1264,12 @@ msgstr ""
"зазвичай /bin/sh)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:695 sssd.conf.5.xml:881
+#: sssd.conf.5.xml:726 sssd.conf.5.xml:912
msgid "get_domains_timeout (int)"
msgstr "get_domains_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:698 sssd.conf.5.xml:884
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:915
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
@@ -1190,12 +1278,12 @@ msgstr ""
"чинним."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:707
+#: sssd.conf.5.xml:738
msgid "memcache_timeout (int)"
msgstr "memcache_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710
+#: sssd.conf.5.xml:741
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
@@ -1204,17 +1292,17 @@ msgstr ""
"чинним."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:714 sssd-ldap.5.xml:706
+#: sssd.conf.5.xml:745 sssd-ldap.5.xml:706
msgid "Default: 300"
msgstr "Типове значення: 300"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:719 sssd-ifp.5.xml:74
+#: sssd.conf.5.xml:750 sssd-ifp.5.xml:74
msgid "user_attributes (string)"
msgstr "user_attributes (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:722
+#: sssd.conf.5.xml:753
msgid ""
"Some of the additional NSS responder requests can return more attributes "
"than just the POSIX ones defined by the NSS interface. The list of "
@@ -1225,14 +1313,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:735
+#: sssd.conf.5.xml:766
msgid ""
"To make configuration more easy the NSS responder will check the InfoPipe "
"option if it is not set for the NSS responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:740
+#: sssd.conf.5.xml:771
#, fuzzy
#| msgid ""
#| "Default: 0 (only the root user is allowed to access the InfoPipe "
@@ -1243,12 +1331,12 @@ msgstr ""
"користувач (root))"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:747
+#: sssd.conf.5.xml:778
msgid "PAM configuration options"
msgstr "Параметри налаштування PAM"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:749
+#: sssd.conf.5.xml:780
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
@@ -1257,12 +1345,12 @@ msgstr ""
"Authentication Module (PAM або блокового модуля розпізнавання)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:785
msgid "offline_credentials_expiration (integer)"
msgstr "offline_credentials_expiration (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:757
+#: sssd.conf.5.xml:788
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
@@ -1272,17 +1360,17 @@ msgstr ""
"входу до системи)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:762 sssd.conf.5.xml:775
+#: sssd.conf.5.xml:793 sssd.conf.5.xml:806
msgid "Default: 0 (No limit)"
msgstr "Типове значення: 0 (без обмежень)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:768
+#: sssd.conf.5.xml:799
msgid "offline_failed_login_attempts (integer)"
msgstr "offline_failed_login_attempts (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:771
+#: sssd.conf.5.xml:802
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
@@ -1291,12 +1379,12 @@ msgstr ""
"дозволену кількість спроб входу з визначенням помилкового пароля."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:781
+#: sssd.conf.5.xml:812
msgid "offline_failed_login_delay (integer)"
msgstr "offline_failed_login_delay (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:784
+#: sssd.conf.5.xml:815
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
@@ -1306,7 +1394,7 @@ msgstr ""
"системи."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:789
+#: sssd.conf.5.xml:820
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -1318,17 +1406,17 @@ msgstr ""
"увімкнути можливість автономного розпізнавання."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:795 sssd.conf.5.xml:848
+#: sssd.conf.5.xml:826 sssd.conf.5.xml:879
msgid "Default: 5"
msgstr "Типове значення: 5"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:832
msgid "pam_verbosity (integer)"
msgstr "pam_verbosity (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:835
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
@@ -1337,43 +1425,43 @@ msgstr ""
"розпізнавання. Чим більшим є значення, тим більше повідомлень буде показано."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:809
+#: sssd.conf.5.xml:840
msgid "Currently sssd supports the following values:"
msgstr "У поточній версії sssd передбачено підтримку таких значень:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:843
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr "<emphasis>0</emphasis>: не показувати жодних повідомлень"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:815
+#: sssd.conf.5.xml:846
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr "<emphasis>1</emphasis>: показувати лише важливі повідомлення"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
+#: sssd.conf.5.xml:850
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr "<emphasis>2</emphasis>: показувати всі інформаційні повідомлення"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:822
+#: sssd.conf.5.xml:853
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
"<emphasis>3</emphasis>: показувати всі повідомлення та діагностичні дані"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:826 sssd.8.xml:63
+#: sssd.conf.5.xml:857 sssd.8.xml:63
msgid "Default: 1"
msgstr "Типове значення: 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:831
+#: sssd.conf.5.xml:862
msgid "pam_id_timeout (integer)"
msgstr "pam_id_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:865
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1384,7 +1472,7 @@ msgstr ""
"що розпізнавання виконується на основі найсвіжіших даних."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:840
+#: sssd.conf.5.xml:871
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1398,18 +1486,18 @@ msgstr ""
"надання даних профілів."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:854
+#: sssd.conf.5.xml:885
msgid "pam_pwd_expiration_warning (integer)"
msgstr "pam_pwd_expiration_warning (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:857 sssd.conf.5.xml:1390
+#: sssd.conf.5.xml:888 sssd.conf.5.xml:1442
msgid "Display a warning N days before the password expires."
msgstr ""
"Показати попередження за вказану кількість днів перед завершенням дії пароля."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:860
+#: sssd.conf.5.xml:891
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1420,7 +1508,7 @@ msgstr ""
"попередження."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:866 sssd.conf.5.xml:1393
+#: sssd.conf.5.xml:897 sssd.conf.5.xml:1445
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
@@ -1430,7 +1518,7 @@ msgstr ""
"буде автоматично показано."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:871
+#: sssd.conf.5.xml:902
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
@@ -1439,77 +1527,108 @@ msgstr ""
"<emphasis>pwd_expiration_warning</emphasis> для окремого домену."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876 sssd.8.xml:79
+#: sssd.conf.5.xml:907 sssd.8.xml:79
msgid "Default: 0"
msgstr "Типове значення: 0"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:893
+#: sssd.conf.5.xml:924
msgid "pam_trusted_users (string)"
-msgstr ""
+msgstr "pam_trusted_users (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:896
+#: sssd.conf.5.xml:927
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAM responder. User names are resolved to UIDs at "
"startup."
msgstr ""
+"Визначає список значень UID або імен користувачів, відокремлених комами. \n"
+"Користувачам з цього списку буде дозволено доступ до відповідача PAM. UID "
+"за \n"
+"іменами користувачів визначатимуться під час запуску."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:902
+#: sssd.conf.5.xml:933
msgid "Default: all (All users are allowed to access the PAM responder)"
msgstr ""
+"Типове значення: all (Доступ до відповідача PAM отримують усі користувачі)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:906
+#: sssd.conf.5.xml:937
msgid ""
"Please note that UID 0 is always allowed to access the PAM responder even in "
"case it is not in the pam_trusted_users list."
msgstr ""
+"Будь ласка, зауважте, що користувачеві з UID 0 завжди мають доступ до "
+"відповідача PAM, навіть якщо користувача немає у списку pam_trusted_users."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:913
+#: sssd.conf.5.xml:944
msgid "pam_public_domains (string)"
-msgstr ""
+msgstr "pam_public_domains (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:947
msgid ""
"Specifies the comma-separated list of domain names that are accessible even "
"to untrusted users."
msgstr ""
+"Визначає список назв доменів, відокремлених комами, доступ до яких можуть "
+"отримувати навіть ненадійні користувачі."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:920
+#: sssd.conf.5.xml:951
msgid "Two special values for pam_public_domains option are defined:"
-msgstr ""
+msgstr "Визначено два спеціальних значення параметра pam_public_domains:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:955
msgid ""
"all (Untrusted users are allowed to access all domains in PAM responder.)"
msgstr ""
+"all (Ненадійним користувачам відкрито доступ до усіх доменів у відповідачі "
+"PAM.)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:959
msgid ""
"none (Untrusted users are not allowed to access any domains PAM in "
"responder.)"
msgstr ""
+"none (Ненадійним користувачам заборонено доступ до усіх доменів PAM у "
+"відповідачі.)"
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:932 sssd.conf.5.xml:1192 sssd-ldap.5.xml:1753
-msgid "Default: none"
-msgstr "Типове значення: none"
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:968
+#, fuzzy
+#| msgid "ldap_user_ad_account_expires (string)"
+msgid "pam_account_expired_message (string)"
+msgstr "ldap_user_ad_account_expires (рядок)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:971
+msgid ""
+"If user is authenticating using SSH keys and account is expired then by "
+"default 'Permission denied' is output. This output will be changed to "
+"content of this variable if it is set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:980
+#, no-wrap
+msgid ""
+"pam_account_expired_message = Account expired, please call help desk.\n"
+" "
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:941
+#: sssd.conf.5.xml:993
msgid "SUDO configuration options"
msgstr "Параметри налаштування SUDO"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:943
+#: sssd.conf.5.xml:995
msgid ""
"These options can be used to configure the sudo service. The detailed "
"instructions for configuration of <citerefentry> <refentrytitle>sudo</"
@@ -1527,12 +1646,12 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:1012
msgid "sudo_timed (bool)"
msgstr "sudo_timed (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:1015
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
@@ -1541,22 +1660,22 @@ msgstr ""
"призначені для визначення часових обмежень для записів sudoers."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1028
msgid "AUTOFS configuration options"
msgstr "Параметри налаштування AUTOFS"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:978
+#: sssd.conf.5.xml:1030
msgid "These options can be used to configure the autofs service."
msgstr "Цими параметрами можна скористатися для налаштування служби autofs."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1034
msgid "autofs_negative_timeout (integer)"
msgstr "autofs_negative_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:985
+#: sssd.conf.5.xml:1037
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1567,22 +1686,22 @@ msgstr ""
"базі даних, зокрема неіснуючих) перед повторним запитом до сервера обробки."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1001
+#: sssd.conf.5.xml:1053
msgid "SSH configuration options"
msgstr "Параметри налаштувань SSH"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1003
+#: sssd.conf.5.xml:1055
msgid "These options can be used to configure the SSH service."
msgstr "Цими параметрами можна скористатися для налаштування служби SSH."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1007
+#: sssd.conf.5.xml:1059
msgid "ssh_hash_known_hosts (bool)"
msgstr "ssh_hash_known_hosts (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1010
+#: sssd.conf.5.xml:1062
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
@@ -1590,12 +1709,12 @@ msgstr ""
"Чи слід хешувати назви та адреси вузлів у керованому файлі known_hosts."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1019
+#: sssd.conf.5.xml:1071
msgid "ssh_known_hosts_timeout (integer)"
msgstr "ssh_known_hosts_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1022
+#: sssd.conf.5.xml:1074
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
@@ -1604,17 +1723,17 @@ msgstr ""
"файлі known_hosts після надсилання запиту щодо ключів вузла."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1026
+#: sssd.conf.5.xml:1078
msgid "Default: 180"
msgstr "Типове значення: 180"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1086
msgid "PAC responder configuration options"
msgstr "Параметри налаштування відповідача PAC"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1036
+#: sssd.conf.5.xml:1088
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1633,7 +1752,7 @@ msgstr ""
"декодовано і визначено, виконуються деякі з таких дій:"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1045
+#: sssd.conf.5.xml:1097
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"determined with the help of the SID, trusted domains will have UPGs and the "
@@ -1651,7 +1770,7 @@ msgstr ""
"параметра default_shell."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1053
+#: sssd.conf.5.xml:1105
msgid ""
"If there are SIDs of groups from domains sssd knows about, the user will be "
"added to those groups."
@@ -1660,18 +1779,18 @@ msgstr ""
"додано до цих груп."
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1111
msgid "These options can be used to configure the PAC responder."
msgstr ""
"Цими параметрами можна скористатися для налаштовування відповідача PAC."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1063 sssd-ifp.5.xml:50
+#: sssd.conf.5.xml:1115 sssd-ifp.5.xml:50
msgid "allowed_uids (string)"
msgstr "allowed_uids (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1066
+#: sssd.conf.5.xml:1118
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1682,14 +1801,14 @@ msgstr ""
"іменами користувачів визначатимуться під час запуску."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1072
+#: sssd.conf.5.xml:1124
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
"Типове значення: 0 (доступ до відповідача PAC має лише адміністративний "
"користувач (root))"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1076
+#: sssd.conf.5.xml:1128
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1703,17 +1822,17 @@ msgstr ""
"запис 0."
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1142
msgid "DOMAIN SECTIONS"
msgstr "РОЗДІЛИ ДОМЕНІВ"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1149
msgid "min_id,max_id (integer)"
msgstr "min_id,max_id (ціле значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1100
+#: sssd.conf.5.xml:1152
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
@@ -1722,7 +1841,7 @@ msgstr ""
"відповідає цим обмеженням, його буде проігноровано."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:1157
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1735,7 +1854,7 @@ msgstr ""
"основної групи і належать діапазону, буде виведено у звичайному режимі."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1112
+#: sssd.conf.5.xml:1164
msgid ""
"These ID limits affect even saving entries to cache, not only returning them "
"by name or ID."
@@ -1744,17 +1863,17 @@ msgstr ""
"лише повернення записів за назвою або ідентифікатором."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1116
+#: sssd.conf.5.xml:1168
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr "Типові значення: 1 для min_id, 0 (без обмежень) для max_id"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1122
+#: sssd.conf.5.xml:1174
msgid "enumerate (bool)"
msgstr "enumerate (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1125
+#: sssd.conf.5.xml:1177
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
@@ -1763,23 +1882,23 @@ msgstr ""
"значень:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1181
msgid "TRUE = Users and groups are enumerated"
msgstr "TRUE = користувачі і групи нумеруються"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1132
+#: sssd.conf.5.xml:1184
msgid "FALSE = No enumerations for this domain"
msgstr "FALSE = не використовувати нумерацію для цього домену"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1135 sssd.conf.5.xml:1367 sssd.conf.5.xml:1476
-#: sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1187 sssd.conf.5.xml:1419 sssd.conf.5.xml:1528
+#: sssd.conf.5.xml:1545
msgid "Default: FALSE"
msgstr "Типове значення: FALSE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138
+#: sssd.conf.5.xml:1190
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1798,7 +1917,7 @@ msgstr ""
"повторне визначення параметрів участі також іноді є складним завданням."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1151
+#: sssd.conf.5.xml:1203
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
@@ -1808,7 +1927,7 @@ msgstr ""
"завершено."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1156
+#: sssd.conf.5.xml:1208
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1822,7 +1941,7 @@ msgstr ""
"відповідного використаного засобу обробки ідентифікаторів (id_provider)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1164
+#: sssd.conf.5.xml:1216
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
@@ -1831,32 +1950,32 @@ msgstr ""
"об’ємних середовищах."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1172
+#: sssd.conf.5.xml:1224
msgid "subdomain_enumerate (string)"
msgstr "subdomain_enumerate (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1179
+#: sssd.conf.5.xml:1231
msgid "all"
msgstr "all"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1180
+#: sssd.conf.5.xml:1232
msgid "All discovered trusted domains will be enumerated"
msgstr "Усі виявлені надійні домени буде пронумеровано"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1183
+#: sssd.conf.5.xml:1235
msgid "none"
msgstr "none"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:1236
msgid "No discovered trusted domains will be enumerated"
msgstr "Нумерація виявлених надійних доменів не виконуватиметься"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1175
+#: sssd.conf.5.xml:1227
msgid ""
"Whether any of autodetected trusted domains should be enumerated. The "
"supported values are: <placeholder type=\"variablelist\" id=\"0\"/> "
@@ -1869,12 +1988,12 @@ msgstr ""
"доменів, для яких буде увімкнено нумерацію."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1215
+#: sssd.conf.5.xml:1267
msgid "entry_cache_timeout (integer)"
msgstr "entry_cache_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1218
+#: sssd.conf.5.xml:1270
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
@@ -1883,7 +2002,7 @@ msgstr ""
"надсилати повторний запит до сервера"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1222
+#: sssd.conf.5.xml:1274
msgid ""
"The cache expiration timestamps are stored as attributes of individual "
"objects in the cache. Therefore, changing the cache timeout only has effect "
@@ -1900,17 +2019,17 @@ msgstr ""
"<manvolnum>8</manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1235
+#: sssd.conf.5.xml:1287
msgid "Default: 5400"
msgstr "Типове значення: 5400"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1241
+#: sssd.conf.5.xml:1293
msgid "entry_cache_user_timeout (integer)"
msgstr "entry_cache_user_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1244
+#: sssd.conf.5.xml:1296
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
@@ -1919,19 +2038,19 @@ msgstr ""
"чинними, перш ніж надсилати повторний запит до сервера"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248 sssd.conf.5.xml:1261 sssd.conf.5.xml:1274
-#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1300 sssd.conf.5.xml:1314
-#: sssd.conf.5.xml:1328
+#: sssd.conf.5.xml:1300 sssd.conf.5.xml:1313 sssd.conf.5.xml:1326
+#: sssd.conf.5.xml:1339 sssd.conf.5.xml:1352 sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1380
msgid "Default: entry_cache_timeout"
msgstr "Типове значення: entry_cache_timeout"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1306
msgid "entry_cache_group_timeout (integer)"
msgstr "entry_cache_group_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1257
+#: sssd.conf.5.xml:1309
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
@@ -1940,12 +2059,12 @@ msgstr ""
"ніж надсилати повторний запит до сервера"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1267
+#: sssd.conf.5.xml:1319
msgid "entry_cache_netgroup_timeout (integer)"
msgstr "entry_cache_netgroup_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1270
+#: sssd.conf.5.xml:1322
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
@@ -1954,12 +2073,12 @@ msgstr ""
"чинними, перш ніж надсилати повторний запит до сервера"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1280
+#: sssd.conf.5.xml:1332
msgid "entry_cache_service_timeout (integer)"
msgstr "entry_cache_service_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1335
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
@@ -1968,12 +2087,12 @@ msgstr ""
"ніж надсилати повторний запит до сервера"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1345
msgid "entry_cache_sudo_timeout (integer)"
msgstr "entry_cache_sudo_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1348
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
@@ -1982,12 +2101,12 @@ msgstr ""
"надсилати повторний запит до сервера"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1358
msgid "entry_cache_autofs_timeout (integer)"
msgstr "entry_cache_autofs_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1309
+#: sssd.conf.5.xml:1361
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
@@ -1996,24 +2115,27 @@ msgstr ""
"чинними, перш ніж надсилати повторний запит до сервера"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1320
+#: sssd.conf.5.xml:1372
msgid "entry_cache_ssh_host_timeout (integer)"
-msgstr ""
+msgstr "entry_cache_ssh_host_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1375
msgid ""
"How many seconds to keep a host ssh key after refresh. IE how long to cache "
"the host key for."
msgstr ""
+"Кількість секунд, протягом яких слід зберігати ключ ssh вузла після "
+"оновлення. Іншими словами, параметр визначає тривалість зберігання ключа "
+"вузла у кеші."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1334
+#: sssd.conf.5.xml:1386
msgid "refresh_expired_interval (integer)"
msgstr "refresh_expired_interval (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1337
+#: sssd.conf.5.xml:1389
msgid ""
"Specifies how many seconds SSSD has to wait before triggering a background "
"refresh task which will refresh all expired or nearly expired records."
@@ -2023,49 +2145,48 @@ msgstr ""
"вичерпано або майже вичерпано."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1342
-msgid "Currently only refreshing expired netgroups is supported."
+#: sssd.conf.5.xml:1394
+msgid ""
+"The background refresh will process users, groups and netgroups in the cache."
msgstr ""
-"У поточній версії передбачено оновлення лише застарілих записів мережевих "
-"груп."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1398
msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
msgstr ""
"Варто визначити для цього параметра значення 3/4 * entry_cache_timeout."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350 sssd-ipa.5.xml:224
+#: sssd.conf.5.xml:1402 sssd-ipa.5.xml:224
msgid "Default: 0 (disabled)"
msgstr "Типове значення: 0 (вимкнено)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1356
+#: sssd.conf.5.xml:1408
msgid "cache_credentials (bool)"
msgstr "cache_credentials (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1411
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
"Визначає, чи слід також кешувати реєстраційні дані користувача у локальному "
"кеші LDB"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1363
+#: sssd.conf.5.xml:1415
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
"Реєстраційні дані користувача зберігаються у форматі хешу SHA512, а не у "
"форматі звичайного тексту"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1372
+#: sssd.conf.5.xml:1424
msgid "account_cache_expiration (integer)"
msgstr "account_cache_expiration (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1427
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -2078,17 +2199,17 @@ msgstr ""
"offline_credentials_expiration."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1382
+#: sssd.conf.5.xml:1434
msgid "Default: 0 (unlimited)"
msgstr "Типове значення: 0 (без обмежень)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1387
+#: sssd.conf.5.xml:1439
msgid "pwd_expiration_warning (integer)"
msgstr "pwd_expiration_warning (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1398
+#: sssd.conf.5.xml:1450
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -2101,17 +2222,17 @@ msgstr ""
"даних розпізнавання."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1405
+#: sssd.conf.5.xml:1457
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr "Типове значення: 7 (Kerberos), 0 (LDAP)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1411
+#: sssd.conf.5.xml:1463
msgid "id_provider (string)"
msgstr "id_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1414
+#: sssd.conf.5.xml:1466
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
@@ -2119,17 +2240,17 @@ msgstr ""
"Серед підтримуваних засобів такі:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1418
+#: sssd.conf.5.xml:1470
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr "«proxy»: підтримка застарілого модуля надання даних NSS"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1421 sssd.conf.5.xml:1539
+#: sssd.conf.5.xml:1473 sssd.conf.5.xml:1591
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr "<quote>local</quote>: вбудований засіб SSSD для локальних користувачів"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1425
+#: sssd.conf.5.xml:1477
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -2140,8 +2261,8 @@ msgstr ""
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433 sssd.conf.5.xml:1519 sssd.conf.5.xml:1574
-#: sssd.conf.5.xml:1627
+#: sssd.conf.5.xml:1485 sssd.conf.5.xml:1571 sssd.conf.5.xml:1626
+#: sssd.conf.5.xml:1679
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -2154,8 +2275,8 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1442 sssd.conf.5.xml:1528 sssd.conf.5.xml:1583
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1494 sssd.conf.5.xml:1580 sssd.conf.5.xml:1635
+#: sssd.conf.5.xml:1688
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2167,12 +2288,12 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1505
msgid "use_fully_qualified_names (bool)"
msgstr "use_fully_qualified_names (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1508
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
@@ -2182,7 +2303,7 @@ msgstr ""
"NSS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1461
+#: sssd.conf.5.xml:1513
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -2195,7 +2316,7 @@ msgstr ""
"не покаже користувача, а <command>getent passwd test@LOCAL</command> покаже."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1521
msgid ""
"NOTE: This option has no effect on netgroup lookups due to their tendency to "
"include nested netgroups without qualified names. For netgroups, all domains "
@@ -2206,17 +2327,17 @@ msgstr ""
"груп, якщо задано неповну назву, буде виконано пошук у всіх доменах."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1533
msgid "ignore_group_members (bool)"
msgstr "ignore_group_members (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1536
msgid "Do not return group members for group lookups."
msgstr "Не повертати записи учасників груп для пошуків груп."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1487
+#: sssd.conf.5.xml:1539
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -2227,12 +2348,12 @@ msgstr ""
"обробки запитів щодо пошуку груп."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1550
msgid "auth_provider (string)"
msgstr "auth_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1501
+#: sssd.conf.5.xml:1553
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
@@ -2241,7 +2362,7 @@ msgstr ""
"служб розпізнавання:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505 sssd.conf.5.xml:1567
+#: sssd.conf.5.xml:1557 sssd.conf.5.xml:1619
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2253,7 +2374,7 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1512
+#: sssd.conf.5.xml:1564
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2265,18 +2386,18 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1588
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr "<quote>proxy</quote> — трансльоване розпізнавання у іншій системі PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1595
msgid "<quote>none</quote> disables authentication explicitly."
msgstr "<quote>none</quote> — вимкнути розпізнавання повністю."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1546
+#: sssd.conf.5.xml:1598
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
@@ -2285,12 +2406,12 @@ msgstr ""
"спосіб встановлено і можлива обробка запитів щодо розпізнавання."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1604
msgid "access_provider (string)"
msgstr "access_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1607
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -2301,7 +2422,7 @@ msgstr ""
"Вбудованими програмами є:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1613
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
@@ -2310,12 +2431,12 @@ msgstr ""
"доступу для локального домену."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1616
msgid "<quote>deny</quote> always deny access."
msgstr "<quote>deny</quote> — завжди забороняти доступ."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1591
+#: sssd.conf.5.xml:1643
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -2328,17 +2449,17 @@ msgstr ""
"refentrytitle> <manvolnum>5</manvolnum></citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1650
msgid "Default: <quote>permit</quote>"
msgstr "Типове значення: <quote>permit</quote>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1603
+#: sssd.conf.5.xml:1655
msgid "chpass_provider (string)"
msgstr "chpass_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1606
+#: sssd.conf.5.xml:1658
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
@@ -2347,7 +2468,7 @@ msgstr ""
"підтримку таких систем зміни паролів:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1611
+#: sssd.conf.5.xml:1663
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -2359,7 +2480,7 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1671
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2371,18 +2492,18 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1696
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr "<quote>proxy</quote> — трансльована зміна пароля у іншій системі PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1700
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr "<quote>none</quote> — явно вимкнути можливість зміни пароля."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1651
+#: sssd.conf.5.xml:1703
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
@@ -2391,19 +2512,19 @@ msgstr ""
"цього параметра і якщо система здатна обробляти запити щодо паролів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1710
msgid "sudo_provider (string)"
msgstr "sudo_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1661
+#: sssd.conf.5.xml:1713
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
"Служба SUDO, яку використано для цього домену. Серед підтримуваних служб "
"SUDO:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1665
+#: sssd.conf.5.xml:1717
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2415,7 +2536,7 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1725
msgid ""
"<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default "
"settings."
@@ -2424,7 +2545,7 @@ msgstr ""
"параметрами IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1729
msgid ""
"<quote>ad</quote> the same as <quote>ldap</quote> but with AD default "
"settings."
@@ -2433,20 +2554,20 @@ msgstr ""
"параметрами AD."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1681
+#: sssd.conf.5.xml:1733
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr "<quote>none</quote> явним чином вимикає SUDO."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1684 sssd.conf.5.xml:1762 sssd.conf.5.xml:1794
-#: sssd.conf.5.xml:1819
+#: sssd.conf.5.xml:1736 sssd.conf.5.xml:1814 sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1871
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
"Типове значення: використовується значення <quote>id_provider</quote>, якщо "
"його встановлено."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1688
+#: sssd.conf.5.xml:1740
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -2465,12 +2586,12 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1757
msgid "selinux_provider (string)"
msgstr "selinux_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1760
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -2481,7 +2602,7 @@ msgstr ""
"доступу. Передбачено підтримку таких засобів надання даних SELinux:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1714
+#: sssd.conf.5.xml:1766
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2493,14 +2614,14 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1722
+#: sssd.conf.5.xml:1774
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
"<quote>none</quote> явним чином забороняє отримання даних щодо параметрів "
"SELinux."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1725
+#: sssd.conf.5.xml:1777
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
@@ -2509,12 +2630,12 @@ msgstr ""
"спосіб встановлено і можлива обробка запитів щодо завантаження SELinux."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1731
+#: sssd.conf.5.xml:1783
msgid "subdomains_provider (string)"
msgstr "subdomains_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1734
+#: sssd.conf.5.xml:1786
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
@@ -2524,7 +2645,7 @@ msgstr ""
"підтримку таких засобів надання даних піддоменів:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740
+#: sssd.conf.5.xml:1792
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2536,26 +2657,30 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1749
+#: sssd.conf.5.xml:1801
msgid ""
"<quote>ad</quote> to load a list of subdomains from an Active Directory "
"server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring "
"the AD provider."
msgstr ""
+"«ad», з якої слід завантажувати список піддоменів з сервера Active "
+"Directory. Див. <citerefentry> <refentrytitle>sssd-ad</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry>, щоб дізнатися більше про "
+"налаштовування засобу надання даних AD."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1810
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr "<quote>none</quote> забороняє ячним чином отримання даних піддоменів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1769
+#: sssd.conf.5.xml:1821
msgid "autofs_provider (string)"
msgstr "autofs_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1772
+#: sssd.conf.5.xml:1824
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
@@ -2563,7 +2688,7 @@ msgstr ""
"autofs:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1828
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2575,7 +2700,7 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1783
+#: sssd.conf.5.xml:1835
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2587,17 +2712,17 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1843
msgid "<quote>none</quote> disables autofs explicitly."
msgstr "<quote>none</quote> вимикає autofs повністю."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1853
msgid "hostid_provider (string)"
msgstr "hostid_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1804
+#: sssd.conf.5.xml:1856
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
@@ -2606,7 +2731,7 @@ msgstr ""
"вузла. Серед підтримуваних засобів надання hostid:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1808
+#: sssd.conf.5.xml:1860
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2618,12 +2743,12 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1816
+#: sssd.conf.5.xml:1868
msgid "<quote>none</quote> disables hostid explicitly."
msgstr "<quote>none</quote> вимикає hostid повністю."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1829
+#: sssd.conf.5.xml:1881
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components. The \"domain\" can "
@@ -2637,7 +2762,7 @@ msgstr ""
"IPA та доменів Active Directory, простій назві (NetBIOS) домену."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1838
+#: sssd.conf.5.xml:1890
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -2650,22 +2775,22 @@ msgstr ""
"різні стилі запису імен користувачів:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1843
+#: sssd.conf.5.xml:1895
msgid "username"
msgstr "користувач"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1898
msgid "username@domain.name"
msgstr "користувач@назва.домену"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1849
+#: sssd.conf.5.xml:1901
msgid "domain\\username"
msgstr "домен\\користувач"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1852
+#: sssd.conf.5.xml:1904
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
@@ -2674,7 +2799,7 @@ msgstr ""
"того, щоб полегшити інтеграцію користувачів з доменів Windows."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1857
+#: sssd.conf.5.xml:1909
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -2685,7 +2810,7 @@ msgstr ""
"домену — все після цього символу."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1863
+#: sssd.conf.5.xml:1915
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -2697,7 +2822,7 @@ msgstr ""
"платформах з версією libpcre 7."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1870
+#: sssd.conf.5.xml:1922
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
@@ -2707,17 +2832,17 @@ msgstr ""
"підшаблонів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1917
+#: sssd.conf.5.xml:1969
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "Типове значення: <quote>%1$s@%2$s</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1923
+#: sssd.conf.5.xml:1975
msgid "lookup_family_order (string)"
msgstr "lookup_family_order (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1926
+#: sssd.conf.5.xml:1978
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
@@ -2726,48 +2851,48 @@ msgstr ""
"під час виконання пошуків у DNS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1930
+#: sssd.conf.5.xml:1982
msgid "Supported values:"
msgstr "Передбачено підтримку таких значень:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1933
+#: sssd.conf.5.xml:1985
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
"ipv4_first: спробувати визначити адресу у форматі IPv4, у разі невдачі "
"спробувати формат IPv6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1936
+#: sssd.conf.5.xml:1988
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
"ipv4_only: намагатися визначити назви вузлів лише у форматі адрес IPv4."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1939
+#: sssd.conf.5.xml:1991
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
"ipv6_first: спробувати визначити адресу у форматі IPv6, у разі невдачі "
"спробувати формат IPv4"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1942
+#: sssd.conf.5.xml:1994
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
"ipv6_only: намагатися визначити назви вузлів лише у форматі адрес IPv6."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1945
+#: sssd.conf.5.xml:1997
msgid "Default: ipv4_first"
msgstr "Типове значення: ipv4_first"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1951
+#: sssd.conf.5.xml:2003
msgid "dns_resolver_timeout (integer)"
msgstr "dns_resolver_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1954
+#: sssd.conf.5.xml:2006
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -2778,18 +2903,18 @@ msgstr ""
"очікування буде перевищено, домен продовжуватиме роботу у автономному режимі."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1960 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
-#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:239
+#: sssd.conf.5.xml:2012 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
+#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:248
msgid "Default: 6"
msgstr "Типове значення: 6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1966
+#: sssd.conf.5.xml:2018
msgid "dns_discovery_domain (string)"
msgstr "dns_discovery_domain (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1969
+#: sssd.conf.5.xml:2021
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
@@ -2798,79 +2923,89 @@ msgstr ""
"частину запиту визначення служб DNS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1973
+#: sssd.conf.5.xml:2025
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
"Типова поведінка: використовувати назву домену з назви вузла комп’ютера."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1979
+#: sssd.conf.5.xml:2031
msgid "override_gid (integer)"
msgstr "override_gid (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1982
+#: sssd.conf.5.xml:2034
msgid "Override the primary GID value with the one specified."
msgstr "Замірити значення основного GID на вказане."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1988
+#: sssd.conf.5.xml:2040
msgid "case_sensitive (string)"
-msgstr ""
+msgstr "case_sensitive (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1996
+#: sssd.conf.5.xml:2048
msgid "True"
-msgstr ""
+msgstr "True"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1999
+#: sssd.conf.5.xml:2051
msgid "Case sensitive. This value is invalid for AD provider."
msgstr ""
+"Враховується регістр. Це значення є некоректним для засобу надання даних AD."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2005
+#: sssd.conf.5.xml:2057
msgid "False"
-msgstr ""
+msgstr "False"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2007
+#: sssd.conf.5.xml:2059
msgid "Case insensitive."
-msgstr ""
+msgstr "Без врахування регістру."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2011
+#: sssd.conf.5.xml:2063
msgid "Preserving"
-msgstr ""
+msgstr "Preserving"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2014
+#: sssd.conf.5.xml:2066
+#, fuzzy
+#| msgid ""
+#| "Same as False (case insensitive), but does not lowercase names in the "
+#| "output of getpwnam and getgrnam."
msgid ""
"Same as False (case insensitive), but does not lowercase names in the result "
"of NSS operations. Note that name aliases (and in case of services also "
"protocol names) are still lowercased in the output."
msgstr ""
+"Те саме, що і False (без врахування регістру), але не замінює великі літери "
+"на малі у назвах, виведених getpwnam та getgrnam."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1991
+#: sssd.conf.5.xml:2043
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider. Possible option values are: "
"<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
+"Враховувати регістр записів імен користувачів та назв груп. У поточній "
+"версії підтримку передбачено лише для локальних надавачів даних. Можливі "
+"значення параметра: <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2026
+#: sssd.conf.5.xml:2078
msgid "Default: True (False for AD provider)"
-msgstr ""
+msgstr "Типове значення: True (False для засобу надання даних AD)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2032
+#: sssd.conf.5.xml:2084
msgid "proxy_fast_alias (boolean)"
msgstr "proxy_fast_alias (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2035
+#: sssd.conf.5.xml:2087
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2885,22 +3020,22 @@ msgstr ""
"у кеші, щоб пришвидшити надання результатів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2049
+#: sssd.conf.5.xml:2101
msgid "subdomain_homedir (string)"
msgstr "subdomain_homedir (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2060
+#: sssd.conf.5.xml:2112
msgid "%F"
msgstr "%F"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2061
+#: sssd.conf.5.xml:2113
msgid "flat (NetBIOS) name of a subdomain."
msgstr "спрощена (NetBIOS) назва піддомену."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2052
+#: sssd.conf.5.xml:2104
msgid ""
"Use this homedir as default value for all subdomains within this domain in "
"IPA AD trust. See <emphasis>override_homedir</emphasis> for info about "
@@ -2915,7 +3050,7 @@ msgstr ""
"emphasis>. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2066
+#: sssd.conf.5.xml:2118
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
@@ -2923,17 +3058,17 @@ msgstr ""
"emphasis>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2070
+#: sssd.conf.5.xml:2122
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr "Типове значення: <filename>/home/%d/%u</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2075
+#: sssd.conf.5.xml:2127
msgid "realmd_tags (string)"
msgstr "realmd_tags (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2078
+#: sssd.conf.5.xml:2130
msgid ""
"Various tags stored by the realmd configuration service for this domain."
msgstr ""
@@ -2941,7 +3076,7 @@ msgstr ""
"домену."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1092
+#: sssd.conf.5.xml:1144
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2952,17 +3087,17 @@ msgstr ""
"quote> <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2091
+#: sssd.conf.5.xml:2143
msgid "proxy_pam_target (string)"
msgstr "proxy_pam_target (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2094
+#: sssd.conf.5.xml:2146
msgid "The proxy target PAM proxies to."
msgstr "Комп’ютер, для якого виконує проксі-сервер PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2097
+#: sssd.conf.5.xml:2149
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
@@ -2971,12 +3106,12 @@ msgstr ""
"налаштуваннями pam або створити нові і тут додати назву служби."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2105
+#: sssd.conf.5.xml:2157
msgid "proxy_lib_name (string)"
msgstr "proxy_lib_name (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2108
+#: sssd.conf.5.xml:2160
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2987,7 +3122,7 @@ msgstr ""
"наприклад _nss_files_getpwent."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2087
+#: sssd.conf.5.xml:2139
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
@@ -2996,12 +3131,12 @@ msgstr ""
"\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:2120
+#: sssd.conf.5.xml:2172
msgid "The local domain section"
msgstr "Розділ локального домену"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:2122
+#: sssd.conf.5.xml:2174
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -3012,29 +3147,29 @@ msgstr ""
"використовує <replaceable>id_provider=local</replaceable>."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2129
+#: sssd.conf.5.xml:2181
msgid "default_shell (string)"
msgstr "default_shell (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2132
+#: sssd.conf.5.xml:2184
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
"Типова оболонка для записів користувачів, створених за допомогою "
"інструментів простору користувачів SSSD."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2136
+#: sssd.conf.5.xml:2188
msgid "Default: <filename>/bin/bash</filename>"
msgstr "Типове значення: <filename>/bin/bash</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2141
+#: sssd.conf.5.xml:2193
msgid "base_directory (string)"
msgstr "base_directory (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2144
+#: sssd.conf.5.xml:2196
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
@@ -3043,17 +3178,17 @@ msgstr ""
"replaceable> і використовують отриману адресу як адресу домашнього каталогу."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2149
+#: sssd.conf.5.xml:2201
msgid "Default: <filename>/home</filename>"
msgstr "Типове значення: <filename>/home</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2154
+#: sssd.conf.5.xml:2206
msgid "create_homedir (bool)"
msgstr "create_homedir (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2157
+#: sssd.conf.5.xml:2209
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
@@ -3062,17 +3197,17 @@ msgstr ""
"Може бути перевизначено з командного рядка."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2173
+#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2225
msgid "Default: TRUE"
msgstr "Типове значення: TRUE"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2166
+#: sssd.conf.5.xml:2218
msgid "remove_homedir (bool)"
msgstr "remove_homedir (булівське значення)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2169
+#: sssd.conf.5.xml:2221
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
@@ -3081,12 +3216,12 @@ msgstr ""
"користувачів. Може бути перевизначено з командного рядка."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2178
+#: sssd.conf.5.xml:2230
msgid "homedir_umask (integer)"
msgstr "homedir_umask (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2181
+#: sssd.conf.5.xml:2233
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -3097,17 +3232,17 @@ msgstr ""
"до щойно створеного домашнього каталогу."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2189
+#: sssd.conf.5.xml:2241
msgid "Default: 077"
msgstr "Типове значення: 077"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2194
+#: sssd.conf.5.xml:2246
msgid "skel_dir (string)"
msgstr "skel_dir (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2197
+#: sssd.conf.5.xml:2249
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -3120,17 +3255,17 @@ msgstr ""
"<manvolnum>8</manvolnum> </citerefentry>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2207
+#: sssd.conf.5.xml:2259
msgid "Default: <filename>/etc/skel</filename>"
msgstr "Типове значення: <filename>/etc/skel</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2212
+#: sssd.conf.5.xml:2264
msgid "mail_dir (string)"
msgstr "mail_dir (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2215
+#: sssd.conf.5.xml:2267
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -3141,17 +3276,17 @@ msgstr ""
"каталог не вказано, буде використано типове значення."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2222
+#: sssd.conf.5.xml:2274
msgid "Default: <filename>/var/mail</filename>"
msgstr "Типове значення: <filename>/var/mail</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2227
+#: sssd.conf.5.xml:2279
msgid "userdel_cmd (string)"
msgstr "userdel_cmd (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2230
+#: sssd.conf.5.xml:2282
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -3162,19 +3297,19 @@ msgstr ""
"вилучається. Код виконання, повернутий програмою не обробляється."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2236
+#: sssd.conf.5.xml:2288
msgid "Default: None, no command is run"
msgstr "Типове значення: None, не виконувати жодних команд"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:2246 sssd-ldap.5.xml:2518 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:519
+#: sssd.conf.5.xml:2298 sssd-ldap.5.xml:2569 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:564
#: sss_rpcidmapd.5.xml:98
msgid "EXAMPLE"
msgstr "ПРИКЛАД"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:2252
+#: sssd.conf.5.xml:2304
#, no-wrap
msgid ""
"[sssd]\n"
@@ -3228,7 +3363,7 @@ msgstr ""
"enumerate = False\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2248
+#: sssd.conf.5.xml:2300
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -3728,8 +3863,13 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:363 sssd-ldap.5.xml:885
+#, fuzzy
+#| msgid ""
+#| "Default: ipaNTSecurityIdentifier for IPA, objectSID for other servers."
msgid "Default: objectSid for ActiveDirectory, not set for other servers."
msgstr ""
+"Типове значення: ipaNTSecurityIdentifier для IPA, objectSID для інших "
+"серверів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:370
@@ -4137,7 +4277,7 @@ msgstr "Атрибут LDAP, який містить відкриті ключі
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:676
msgid "Default: sshPublicKey"
-msgstr ""
+msgstr "Типове значення: sshPublicKey"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:682
@@ -4197,7 +4337,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:725
msgid "Default: 10800 (3 hours)"
-msgstr ""
+msgstr "Типове значення: 10800 (3 години)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:731
@@ -4211,7 +4351,7 @@ msgstr "Атрибут LDAP, що відповідає повному імені
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:738 sssd-ldap.5.xml:831 sssd-ldap.5.xml:1058
-#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2102 sssd-ldap.5.xml:2441
+#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2153 sssd-ldap.5.xml:2492
#: sssd-ipa.5.xml:591
msgid "Default: cn"
msgstr "Типове значення: cn"
@@ -4554,11 +4694,6 @@ msgstr ""
"системах зі складною системою груп або системою груп з високим рівнем "
"вкладеності."
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1017
-msgid "ldap_use_tokengroups"
-msgstr "ldap_use_tokengroups"
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1020
msgid ""
@@ -4827,7 +4962,7 @@ msgstr ""
"дії TGT)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2259
+#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2310
msgid "Default: 900 (15 minutes)"
msgstr "Типове значення: 900 (15 хвилин)"
@@ -5395,7 +5530,7 @@ msgstr ""
"filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:453
+#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:462
msgid "krb5_canonicalize (boolean)"
msgstr "krb5_canonicalize (булеве значення)"
@@ -5410,12 +5545,12 @@ msgstr ""
"версії MIT Kerberos >= 1.7"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:468
+#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:477
msgid "krb5_use_kdcinfo (boolean)"
msgstr "krb5_use_kdcinfo (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:471
+#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:480
msgid ""
"Specifies if the SSSD should instruct the Kerberos libraries what realm and "
"which KDCs to use. This option is on by default, if you disable it, you need "
@@ -5430,7 +5565,7 @@ msgstr ""
"<manvolnum>5</manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:482
+#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:491
msgid ""
"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
@@ -5763,6 +5898,12 @@ msgstr "<emphasis>filter</emphasis>: використовувати ldap_access_
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1948
+#, fuzzy
+#| msgid ""
+#| "<emphasis>lockout</emphasis>: use account locking. If set, this option "
+#| "denies access in case that ldap attribute 'pwdAccountLockedTime' is "
+#| "present and has value of '000001010000Z'. Please see the option "
+#| "ldap_pwdlockout_dn."
msgid ""
"<emphasis>lockout</emphasis>: use account locking. If set, this option "
"denies access in case that ldap attribute 'pwdAccountLockedTime' is present "
@@ -5770,15 +5911,72 @@ msgid ""
"Please note that 'access_provider = ldap' must be set for this feature to "
"work."
msgstr ""
+"<emphasis>lockout</emphasis>: використовувати блокування облікових записів. "
+"Якщо встановлено, цей параметр забороняє доступ, якщо існує атрибут ldap "
+"«pwdAccountLockedTime» і його значенням є «000001010000Z». Будь ласка, "
+"ознайомтеся із документацією до параметра ldap_pwdlockout_dn."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1958
+msgid ""
+"<emphasis> Please note that this option is superseded by the <quote>ppolicy</"
+"quote> option and might be removed in a future release. </emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1965
+msgid ""
+"<emphasis>ppolicy</emphasis>: use account locking. If set, this option "
+"denies access in case that ldap attribute 'pwdAccountLockedTime' is present "
+"and has value of '000001010000Z' or represents any time in the past. The "
+"value of the 'pwdAccountLockedTime' attribute must end with 'Z', which "
+"denotes the UTC time zone. Other time zones are not currently supported and "
+"will result in \"access-denied\" when users attempt to log in. Please see "
+"the option ldap_pwdlockout_dn. Please note that 'access_provider = ldap' "
+"must be set for this feature to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1982
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
"<emphasis>expire</emphasis>: використовувати ldap_account_expire_policy"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1962
+#: sssd-ldap.5.xml:1986
+msgid ""
+"<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, "
+"pwd_expire_policy_renew: </emphasis> These options are useful if users are "
+"interested in being warned that password is about to expire and "
+"authentication is based on using a different method than passwords - for "
+"example SSH keys."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1996
+msgid ""
+"The difference between these options is the action taken if user password is "
+"expired: pwd_expire_policy_reject - user is denied to log in, "
+"pwd_expire_policy_warn - user is still able to log in, "
+"pwd_expire_policy_renew - user is prompted to change his password "
+"immediately."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2004
+msgid ""
+"Note If user password is expired no explicit message is prompted by SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2008
+msgid ""
+"Please note that 'access_provider = ldap' must be set for this feature to "
+"work. Also 'ldap_pwd_policy' must be set to an appropriate password policy."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2013
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
@@ -5787,19 +5985,19 @@ msgstr ""
"можливості доступу атрибут authorizedService"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2018
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
"<emphasis>host</emphasis>: за допомогою цього атрибута вузла можна визначити "
"права доступу"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1971
+#: sssd-ldap.5.xml:2022
msgid "Default: filter"
msgstr "Типове значення: filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1974
+#: sssd-ldap.5.xml:2025
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
@@ -5808,36 +6006,41 @@ msgstr ""
"використано декілька разів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1981
+#: sssd-ldap.5.xml:2032
msgid "ldap_pwdlockout_dn (string)"
-msgstr ""
+msgstr "ldap_pwdlockout_dn (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2035
msgid ""
"This option specifies the DN of password policy entry on LDAP server. Please "
"note that absence of this option in sssd.conf in case of enabled account "
"lockout checking will yield access denied as ppolicy attributes on LDAP "
"server cannot be checked properly."
msgstr ""
+"За допомогою цього параметра визначається DN запису правил поводження із "
+"паролями на сервері LDAP. Будь ласка, зауважте, що те, що цього параметра не "
+"буде у sssd.conf, у випадку увімкненого блокування облікових записів "
+"призведе до заборони доступу, оскільки атрибути ppolicy на сервері LDAP не "
+"можна буде перевірити належним чином."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1992
+#: sssd-ldap.5.xml:2043
msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com"
-msgstr ""
+msgstr "Приклад: cn=ppolicy,ou=policies,dc=example,dc=com"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1995
+#: sssd-ldap.5.xml:2046
msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base"
-msgstr ""
+msgstr "Типове значення: cn=ppolicy,ou=policies,$ldap_search_base"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2001
+#: sssd-ldap.5.xml:2052
msgid "ldap_deref (string)"
msgstr "ldap_deref (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2004
+#: sssd-ldap.5.xml:2055
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
@@ -5846,13 +6049,13 @@ msgstr ""
"пошуку. Можливі такі варіанти:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2009
+#: sssd-ldap.5.xml:2060
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
"<emphasis>never</emphasis>: ніколи не виконувати розіменування псевдонімів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013
+#: sssd-ldap.5.xml:2064
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
@@ -5862,7 +6065,7 @@ msgstr ""
"пошуку."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018
+#: sssd-ldap.5.xml:2069
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
@@ -5871,7 +6074,7 @@ msgstr ""
"під час визначення місця основного об’єкта пошуку."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2023
+#: sssd-ldap.5.xml:2074
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
@@ -5880,7 +6083,7 @@ msgstr ""
"час пошуку, так і під час визначення місця основного об’єкта пошуку."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2028
+#: sssd-ldap.5.xml:2079
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
@@ -5889,12 +6092,12 @@ msgstr ""
"сценарієм <emphasis>never</emphasis>)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2036
+#: sssd-ldap.5.xml:2087
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr "ldap_rfc2307_fallback_to_local_users (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2039
+#: sssd-ldap.5.xml:2090
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
@@ -5903,7 +6106,7 @@ msgstr ""
"серверів, у яких використовується схема RFC2307."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2094
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -5921,7 +6124,7 @@ msgstr ""
"користувачів за допомогою виклику getpw*() або initgroups()."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2054
+#: sssd-ldap.5.xml:2105
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -5948,12 +6151,12 @@ msgstr ""
"<placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2070
+#: sssd-ldap.5.xml:2121
msgid "SUDO OPTIONS"
msgstr "ПАРАМЕТРИ SUDO"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2123
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -5964,52 +6167,52 @@ msgstr ""
"<manvolnum>5</manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2083
+#: sssd-ldap.5.xml:2134
msgid "ldap_sudorule_object_class (string)"
msgstr "ldap_sudorule_object_class (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2086
+#: sssd-ldap.5.xml:2137
msgid "The object class of a sudo rule entry in LDAP."
msgstr "Клас об’єктів запису правила sudo у LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2089
+#: sssd-ldap.5.xml:2140
msgid "Default: sudoRole"
msgstr "Типове значення: sudoRole"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2095
+#: sssd-ldap.5.xml:2146
msgid "ldap_sudorule_name (string)"
msgstr "ldap_sudorule_name (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2098
+#: sssd-ldap.5.xml:2149
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr "Атрибут LDAP, що відповідає назві правила sudo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2108
+#: sssd-ldap.5.xml:2159
msgid "ldap_sudorule_command (string)"
msgstr "ldap_sudorule_command (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2111
+#: sssd-ldap.5.xml:2162
msgid "The LDAP attribute that corresponds to the command name."
msgstr "Атрибут LDAP, що відповідає назві команди."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2166
msgid "Default: sudoCommand"
msgstr "Типове значення: sudoCommand"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2172
msgid "ldap_sudorule_host (string)"
msgstr "ldap_sudorule_host (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2124
+#: sssd-ldap.5.xml:2175
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
@@ -6018,17 +6221,17 @@ msgstr ""
"вузла, мережевій групі вузла)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2129
+#: sssd-ldap.5.xml:2180
msgid "Default: sudoHost"
msgstr "Типове значення: sudoHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2186
msgid "ldap_sudorule_user (string)"
msgstr "ldap_sudorule_user (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2138
+#: sssd-ldap.5.xml:2189
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
@@ -6037,32 +6240,32 @@ msgstr ""
"або назві мережевої групи користувача)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2193
msgid "Default: sudoUser"
msgstr "Типове значення: sudoUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2148
+#: sssd-ldap.5.xml:2199
msgid "ldap_sudorule_option (string)"
msgstr "ldap_sudorule_option (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2202
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr "Атрибут LDAP, що відповідає параметрам sudo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2155
+#: sssd-ldap.5.xml:2206
msgid "Default: sudoOption"
msgstr "Типове значення: sudoOption"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2161
+#: sssd-ldap.5.xml:2212
msgid "ldap_sudorule_runasuser (string)"
msgstr "ldap_sudorule_runasuser (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2215
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
@@ -6071,17 +6274,17 @@ msgstr ""
"команди."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2168
+#: sssd-ldap.5.xml:2219
msgid "Default: sudoRunAsUser"
msgstr "Типове значення: sudoRunAsUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2174
+#: sssd-ldap.5.xml:2225
msgid "ldap_sudorule_runasgroup (string)"
msgstr "ldap_sudorule_runasgroup (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2228
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
@@ -6090,17 +6293,17 @@ msgstr ""
"виконувати команди."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2181
+#: sssd-ldap.5.xml:2232
msgid "Default: sudoRunAsGroup"
msgstr "Типове значення: sudoRunAsGroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2187
+#: sssd-ldap.5.xml:2238
msgid "ldap_sudorule_notbefore (string)"
msgstr "ldap_sudorule_notbefore (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2241
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
@@ -6108,49 +6311,49 @@ msgstr ""
"Атрибут LDAP, що відповідає даті і часу набуття чинності правилом sudo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194
+#: sssd-ldap.5.xml:2245
msgid "Default: sudoNotBefore"
msgstr "Типове значення: sudoNotBefore"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2200
+#: sssd-ldap.5.xml:2251
msgid "ldap_sudorule_notafter (string)"
msgstr "ldap_sudorule_notafter (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2203
+#: sssd-ldap.5.xml:2254
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr "Атрибут LDAP, що відповідає даті і часу втрати чинності правилом sudo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2259
msgid "Default: sudoNotAfter"
msgstr "Типове значення: sudoNotAfter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2214
+#: sssd-ldap.5.xml:2265
msgid "ldap_sudorule_order (string)"
msgstr "ldap_sudorule_order (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2217
+#: sssd-ldap.5.xml:2268
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr "Атрибут LDAP, що відповідає порядковому номеру правила."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2221
+#: sssd-ldap.5.xml:2272
msgid "Default: sudoOrder"
msgstr "Типове значення: sudoOrder"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2227
+#: sssd-ldap.5.xml:2278
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr "ldap_sudo_full_refresh_interval (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2230
+#: sssd-ldap.5.xml:2281
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
@@ -6160,7 +6363,7 @@ msgstr ""
"набір правил, що зберігаються на сервері."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2235
+#: sssd-ldap.5.xml:2286
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
@@ -6169,17 +6372,17 @@ msgstr ""
"<emphasis>ldap_sudo_smart_refresh_interval </emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2240
+#: sssd-ldap.5.xml:2291
msgid "Default: 21600 (6 hours)"
msgstr "Типове значення: 21600 (6 годин)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2246
+#: sssd-ldap.5.xml:2297
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr "ldap_sudo_smart_refresh_interval (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2249
+#: sssd-ldap.5.xml:2300
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -6190,7 +6393,7 @@ msgstr ""
"правил, USN яких перевищує найбільше значення USN у кешованих правилах."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2255
+#: sssd-ldap.5.xml:2306
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
@@ -6199,12 +6402,12 @@ msgstr ""
"дані атрибута modifyTimestamp."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2265
+#: sssd-ldap.5.xml:2316
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr "ldap_sudo_use_host_filter (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2268
+#: sssd-ldap.5.xml:2319
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
@@ -6214,12 +6417,12 @@ msgstr ""
"назв вузлів)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2279
+#: sssd-ldap.5.xml:2330
msgid "ldap_sudo_hostnames (string)"
msgstr "ldap_sudo_hostnames (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2333
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
@@ -6228,7 +6431,7 @@ msgstr ""
"фільтрування списку правил."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2287
+#: sssd-ldap.5.xml:2338
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
@@ -6237,8 +6440,8 @@ msgstr ""
"назву вузла та повну назву комп’ютера у домені у автоматичному режимі."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2292 sssd-ldap.5.xml:2315 sssd-ldap.5.xml:2333
-#: sssd-ldap.5.xml:2351
+#: sssd-ldap.5.xml:2343 sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2402
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
@@ -6247,17 +6450,17 @@ msgstr ""
"<emphasis>false</emphasis>, цей параметр ні на що не впливатиме."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2320
+#: sssd-ldap.5.xml:2348 sssd-ldap.5.xml:2371
msgid "Default: not specified"
msgstr "Типове значення: не вказано"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2303
+#: sssd-ldap.5.xml:2354
msgid "ldap_sudo_ip (string)"
msgstr "ldap_sudo_ip (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2306
+#: sssd-ldap.5.xml:2357
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
@@ -6266,7 +6469,7 @@ msgstr ""
"правил."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2311
+#: sssd-ldap.5.xml:2362
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
@@ -6275,12 +6478,12 @@ msgstr ""
"адресу у автоматичному режимі."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2326
+#: sssd-ldap.5.xml:2377
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr "ldap_sudo_include_netgroups (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2329
+#: sssd-ldap.5.xml:2380
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
@@ -6289,12 +6492,12 @@ msgstr ""
"мережеву групу (netgroup) у атрибуті sudoHost."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2344
+#: sssd-ldap.5.xml:2395
msgid "ldap_sudo_include_regexp (boolean)"
msgstr "ldap_sudo_include_regexp (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2347
+#: sssd-ldap.5.xml:2398
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
@@ -6303,7 +6506,7 @@ msgstr ""
"заміни у атрибуті sudoHost."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2363
+#: sssd-ldap.5.xml:2414
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -6316,12 +6519,12 @@ msgstr ""
"refentrytitle><manvolnum>5</manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2373
+#: sssd-ldap.5.xml:2424
msgid "AUTOFS OPTIONS"
msgstr "ПАРАМЕТРИ AUTOFS"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2375
+#: sssd-ldap.5.xml:2426
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
@@ -6330,62 +6533,62 @@ msgstr ""
"визначено у RFC2307."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2381
+#: sssd-ldap.5.xml:2432
msgid "ldap_autofs_map_master_name (string)"
msgstr "ldap_autofs_map_master_name (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2435
msgid "The name of the automount master map in LDAP."
msgstr "Назва основної карти автоматичного монтування у LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2387
+#: sssd-ldap.5.xml:2438
msgid "Default: auto.master"
msgstr "Типове значення: auto.master"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2394
+#: sssd-ldap.5.xml:2445
msgid "ldap_autofs_map_object_class (string)"
msgstr "ldap_autofs_map_object_class (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2397 sssd-ldap.5.xml:2423
+#: sssd-ldap.5.xml:2448 sssd-ldap.5.xml:2474
msgid "The object class of an automount map entry in LDAP."
msgstr "Клас об’єктів запису карти автоматичного монтування у LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2400 sssd-ldap.5.xml:2427
+#: sssd-ldap.5.xml:2451 sssd-ldap.5.xml:2478
msgid "Default: automountMap"
msgstr "Типове значення: automountMap"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2407
+#: sssd-ldap.5.xml:2458
msgid "ldap_autofs_map_name (string)"
msgstr "ldap_autofs_map_name (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2410
+#: sssd-ldap.5.xml:2461
msgid "The name of an automount map entry in LDAP."
msgstr "Назва запису карти автоматичного монтування у LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2413
+#: sssd-ldap.5.xml:2464
msgid "Default: ou"
msgstr "Типове значення: ou"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2420
+#: sssd-ldap.5.xml:2471
msgid "ldap_autofs_entry_object_class (string)"
msgstr "ldap_autofs_entry_object_class (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2434
+#: sssd-ldap.5.xml:2485
msgid "ldap_autofs_entry_key (string)"
msgstr "ldap_autofs_entry_key (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2437 sssd-ldap.5.xml:2451
+#: sssd-ldap.5.xml:2488 sssd-ldap.5.xml:2502
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
@@ -6394,17 +6597,17 @@ msgstr ""
"точні монтування."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2448
+#: sssd-ldap.5.xml:2499
msgid "ldap_autofs_entry_value (string)"
msgstr "ldap_autofs_entry_value (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2455
+#: sssd-ldap.5.xml:2506
msgid "Default: automountInformation"
msgstr "Типове значення: automountInformation"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2379
+#: sssd-ldap.5.xml:2430
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -6417,32 +6620,32 @@ msgstr ""
"\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2465
+#: sssd-ldap.5.xml:2516
msgid "ADVANCED OPTIONS"
msgstr "ДОДАТКОВІ ПАРАМЕТРИ"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2472
+#: sssd-ldap.5.xml:2523
msgid "ldap_netgroup_search_base (string)"
msgstr "ldap_netgroup_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2477
+#: sssd-ldap.5.xml:2528
msgid "ldap_user_search_base (string)"
msgstr "ldap_user_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2482
+#: sssd-ldap.5.xml:2533
msgid "ldap_group_search_base (string)"
msgstr "ldap_group_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note>
-#: sssd-ldap.5.xml:2487
+#: sssd-ldap.5.xml:2538
msgid "<note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para>
-#: sssd-ldap.5.xml:2489
+#: sssd-ldap.5.xml:2540
msgid ""
"If the option <quote>ldap_use_tokengroups</quote> is enabled. The searches "
"against Active Directory will not be restricted and return all groups "
@@ -6451,22 +6654,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist>
-#: sssd-ldap.5.xml:2496
+#: sssd-ldap.5.xml:2547
msgid "</note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2498
+#: sssd-ldap.5.xml:2549
msgid "ldap_sudo_search_base (string)"
msgstr "ldap_sudo_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2503
+#: sssd-ldap.5.xml:2554
msgid "ldap_autofs_search_base (string)"
msgstr "ldap_autofs_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2467
+#: sssd-ldap.5.xml:2518
#, fuzzy
#| msgid ""
#| "These options are supported by LDAP domains, but they should be used with "
@@ -6483,7 +6686,7 @@ msgstr ""
"відомі наслідки ваших дій. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2520
+#: sssd-ldap.5.xml:2571
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -6494,7 +6697,7 @@ msgstr ""
"<replaceable>[domains]</replaceable>."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2526
+#: sssd-ldap.5.xml:2577
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -6514,19 +6717,19 @@ msgstr ""
" cache_credentials = true\n"
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2525 sssd-ldap.5.xml:2543 sssd-simple.5.xml:139
+#: sssd-ldap.5.xml:2576 sssd-ldap.5.xml:2594 sssd-simple.5.xml:139
#: sssd-ipa.5.xml:726 sssd-ad.5.xml:851 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98
-#: sssd-krb5.5.xml:528 include/ldap_id_mapping.xml:105
+#: sssd-krb5.5.xml:573 include/ldap_id_mapping.xml:105
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "<placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2537
+#: sssd-ldap.5.xml:2588
msgid "LDAP ACCESS FILTER EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2539
+#: sssd-ldap.5.xml:2590
#, fuzzy
#| msgid ""
#| "The following example assumes that SSSD is correctly configured and LDAP "
@@ -6541,7 +6744,7 @@ msgstr ""
"<replaceable>[domains]</replaceable>."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2544
+#: sssd-ldap.5.xml:2595
#, fuzzy, no-wrap
#| msgid ""
#| " [domain/LDAP]\n"
@@ -6572,13 +6775,13 @@ msgstr ""
" cache_credentials = true\n"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2559 sssd_krb5_locator_plugin.8.xml:61
+#: sssd-ldap.5.xml:2610 sssd_krb5_locator_plugin.8.xml:61
#: sssd-simple.5.xml:148 sssd-ad.5.xml:866 sssd.8.xml:195 sss_seed.8.xml:163
msgid "NOTES"
msgstr "ЗАУВАЖЕННЯ"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2561
+#: sssd-ldap.5.xml:2612
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -6621,6 +6824,14 @@ msgid ""
"arg> <arg choice='opt'> <replaceable>ignore_authinfo_unavail</replaceable> </"
"arg> <arg choice='opt'> <replaceable>domains=X</replaceable> </arg>"
msgstr ""
+"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</"
+"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</"
+"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</"
+"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</"
+"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </"
+"arg> <arg choice='opt'> <replaceable>ignore_unknown_user</replaceable> </"
+"arg> <arg choice='opt'> <replaceable>ignore_authinfo_unavail</replaceable> </"
+"arg> <arg choice='opt'> <replaceable>domains=X</replaceable> </arg>"
#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss.8.xml:54
@@ -6747,7 +6958,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:138
msgid "<option>domains</option>"
-msgstr ""
+msgstr "<option>domains</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:142
@@ -6756,6 +6967,9 @@ msgid ""
"allowed to authenticate against. The format is a comma-separated list of "
"SSSD domain names, as specified in the sssd.conf file."
msgstr ""
+"Надає змогу адміністратору обмежити домен певною службою PAM, за допомогою "
+"якої можна буде виконувати розпізнавання. Формат значення: список назв "
+"доменів SSSD, відокремлених комами, так, як їх вказано у файлі sssd.conf."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:148
@@ -6766,6 +6980,11 @@ msgid ""
"manvolnum> </citerefentry> manual page for more information on these two PAM "
"responder options."
msgstr ""
+"Зауваження: слід використовувати разом із параметрами «pam_trusted_users» і "
+"«pam_public_domains». Будь ласка, ознайомтеся із сторінкою підручника "
+"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</\n"
+"manvolnum> </citerefentry>, щоб дізнатися більше про ці два параметри "
+"відповідача PAM."
#. type: Content of: <reference><refentry><refsect1><title>
#: pam_sss.8.xml:164
@@ -7533,20 +7752,23 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:352
msgid "ipa_views_search_base (string)"
-msgstr ""
+msgstr "ipa_views_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:355
msgid "Optional. Use the given string as search base for views containers."
msgstr ""
+"Необов’язковий. Використати вказаний рядок як основу пошуку контейнерів "
+"перегляду."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:364
msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>"
msgstr ""
+"Типове значення: значення <emphasis>cn=views,cn=accounts,%basedn</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:245
+#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:254
msgid "krb5_validate (boolean)"
msgstr "krb5_validate (булеве значення)"
@@ -7597,12 +7819,12 @@ msgstr ""
"запитів AS. Цю можливість передбачено з версії MIT Kerberos >= 1.7"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:407
+#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:416
msgid "krb5_use_fast (string)"
msgstr "krb5_use_fast (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:410
+#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:419
msgid ""
"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
"authentication. The following options are supported:"
@@ -7628,7 +7850,7 @@ msgstr ""
"еквівалентно невстановленню значення цього параметра взагалі."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:424
+#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:433
msgid ""
"<emphasis>demand</emphasis> to use FAST. The authentication fails if the "
"server does not require fast."
@@ -7642,7 +7864,7 @@ msgid "Default: try"
msgstr "Типове значення: try"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:435
+#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:444
msgid ""
"NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If "
"SSSD is used with an older version of MIT Kerberos, using this option is a "
@@ -7803,52 +8025,52 @@ msgstr "Типове значення: адреса з назвою \"default\""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd-ipa.5.xml:563
msgid "VIEWS AND OVERRIDES"
-msgstr ""
+msgstr "ПЕРЕГЛЯДИ і ПЕРЕВИЗНАЧЕННЯ"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:572
msgid "ipa_view_class (string)"
-msgstr ""
+msgstr "ipa_view_class (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:575
msgid "Objectclass of the view container."
-msgstr ""
+msgstr "Клас об’єктів для контейнерів перегляду."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:578
msgid "Default: nsContainer"
-msgstr ""
+msgstr "Типове значення: nsContainer"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:584
msgid "ipa_view_name (string)"
-msgstr ""
+msgstr "ipa_view_name (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:587
msgid "Name of the attribute holding the name of the view."
-msgstr ""
+msgstr "Назва атрибута, у якому зберігається назва перегляду."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:597
msgid "ipa_overide_object_class (string)"
-msgstr ""
+msgstr "ipa_overide_object_class (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:600
msgid "Objectclass of the override objects."
-msgstr ""
+msgstr "Клас об’єктів для об’єктів перевизначення"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:603
msgid "Default: ipaOverrideAnchor"
-msgstr ""
+msgstr "Типове значення: ipaOverrideAnchor"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:609
msgid "ipa_anchor_uuid (string)"
-msgstr ""
+msgstr "ipa_anchor_uuid (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:612
@@ -7856,16 +8078,18 @@ msgid ""
"Name of the attribute containing the reference to the original object in a "
"remote domain."
msgstr ""
+"Назва атрибута, у якому зберігається посилання на початковий об’єкт на "
+"віддаленому домені."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:616
msgid "Default: ipaAnchorUUID"
-msgstr ""
+msgstr "Типове значення: ipaAnchorUUID"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:622
msgid "ipa_user_override_object_class (string)"
-msgstr ""
+msgstr "ipa_user_override_object_class (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:625
@@ -7873,41 +8097,44 @@ msgid ""
"Name of the objectclass for user overrides. It is used to determine if the "
"found override object is related to a user or a group."
msgstr ""
+"Назва класу об’єктів для перевизначень користувачів. Використовується для "
+"визначення того, чи знайдений об’єкт перевизначення пов’язано з користувачем "
+"або групою."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:630
msgid "User overrides can contain attributes given by"
-msgstr ""
+msgstr "Перевизначення користувачів можуть містити атрибути, задані"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ipa.5.xml:633
msgid "ldap_user_name"
-msgstr ""
+msgstr "ldap_user_name"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ipa.5.xml:636
msgid "ldap_user_uid_number"
-msgstr ""
+msgstr "ldap_user_uid_number"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ipa.5.xml:639
msgid "ldap_user_gid_number"
-msgstr ""
+msgstr "ldap_user_gid_number"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ipa.5.xml:642
msgid "ldap_user_gecos"
-msgstr ""
+msgstr "ldap_user_gecos"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ipa.5.xml:645
msgid "ldap_user_home_directory"
-msgstr ""
+msgstr "ldap_user_home_directory"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ipa.5.xml:648
msgid "ldap_user_shell"
-msgstr ""
+msgstr "ldap_user_shell"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ipa.5.xml:651
@@ -7919,12 +8146,12 @@ msgstr "ldap_user_ssh_public_key (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:656
msgid "Default: ipaUserOverride"
-msgstr ""
+msgstr "Типове значення: ipaUserOverride"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd-ipa.5.xml:662
msgid "ipa_group_override_object_class (string)"
-msgstr ""
+msgstr "ipa_group_override_object_class (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:665
@@ -7932,26 +8159,28 @@ msgid ""
"Name of the objectclass for group overrides. It is used to determine if the "
"found override object is related to a user or a group."
msgstr ""
+"Назва класу об’єктів для перевизначень груп. Використовується для визначення "
+"того, чи знайдений об’єкт перевизначення пов’язано з користувачем або групою."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:670
msgid "Group overrides can contain attributes given by"
-msgstr ""
+msgstr "Перевизначення груп можуть містити атрибути, задані"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ipa.5.xml:673
msgid "ldap_group_name"
-msgstr ""
+msgstr "ldap_group_name"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ipa.5.xml:676
msgid "ldap_group_gid_number"
-msgstr ""
+msgstr "ldap_group_gid_number"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:681
msgid "Default: ipaGroupOverride"
-msgstr ""
+msgstr "Типове значення: ipaGroupOverride"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sssd-ipa.5.xml:565
@@ -7962,6 +8191,11 @@ msgid ""
"related options are listed here with their default values. <placeholder "
"type=\"variablelist\" id=\"0\"/>"
msgstr ""
+"SSSD може обробляти перегляди та перевизначення, які пропонуються FreeIPA "
+"4.1 та новішими версіями. Оскільки усі шляхи і класи об’єктів зафіксовано на "
+"боці сервера, в основному, немає потреби у додатковому налаштовуванні. Для "
+"повноти, усі відповідні параметри наведено у списку разом з їхніми типовими "
+"значеннями. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-ipa.5.xml:691
@@ -8504,7 +8738,7 @@ msgstr "Типове значення: permissive"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:334
msgid "ad_gpo_cache_timeout (integer)"
-msgstr ""
+msgstr "ad_gpo_cache_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:337
@@ -8513,11 +8747,14 @@ msgid ""
"server. This will reduce the latency and load on the AD server if there are "
"many access-control requests made in a short period."
msgstr ""
+"Проміжок часу між послідовними пошуками файлів правил GPO щодо сервера AD. "
+"Зміна може зменшити час затримки та навантаження на сервер AD, якщо протягом "
+"короткого періоду часу надходить багато запитів щодо керування доступом."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:350
msgid "ad_gpo_map_interactive (string)"
-msgstr ""
+msgstr "ad_gpo_map_interactive (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:353
@@ -8526,6 +8763,9 @@ msgid ""
"control is evaluated based on the InteractiveLogonRight and "
"DenyInteractiveLogonRight policy settings."
msgstr ""
+"Список назв служб PAM, відокремлених комами, для яких керування доступом на "
+"основі GPO виконуватиметься на основі параметрів правил "
+"InteractiveLogonRight і DenyInteractiveLogonRight."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:359
@@ -8542,6 +8782,8 @@ msgid ""
" ad_gpo_map_interactive = +my_pam_service, -login\n"
" "
msgstr ""
+" ad_gpo_map_interactive = +my_pam_service, -login\n"
+" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:364
@@ -8554,52 +8796,60 @@ msgid ""
"<quote>my_pam_service</quote>), you would use the following configuration: "
"<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
+"Можна додати іншу назву служби PAM до типового набору за допомогою "
+"конструкції «+назва_служби» або явним чином вилучити назву служби PAM з "
+"типового набору за допомогою конструкції «-назва_служби». Наприклад, щоб "
+"замінити типову назву служби PAM для цього входу (наприклад, «login») з "
+"нетиповою назвою служби pam (наприклад, «my_pam_service»), вам слід "
+"скористатися такими налаштуваннями: <placeholder type=\"programlisting\" id="
+"\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:377 sssd-ad.5.xml:448 sssd-ad.5.xml:483 sssd-ad.5.xml:523
#: sssd-ad.5.xml:584
msgid "Default: the default set of PAM service names includes:"
msgstr ""
+"Типове значення: типовий набір назв служб PAM складається з таких значень:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:381
msgid "login"
-msgstr ""
+msgstr "login"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:386
msgid "su"
-msgstr ""
+msgstr "su"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:391
msgid "su-l"
-msgstr ""
+msgstr "su-l"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:396
msgid "gdm-fingerprint"
-msgstr ""
+msgstr "gdm-fingerprint"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:401
msgid "gdm-password"
-msgstr ""
+msgstr "gdm-password"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:406
msgid "gdm-smartcard"
-msgstr ""
+msgstr "gdm-smartcard"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:411
msgid "kdm"
-msgstr ""
+msgstr "kdm"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:420
msgid "ad_gpo_map_remote_interactive (string)"
-msgstr ""
+msgstr "ad_gpo_map_remote_interactive (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:423
@@ -8608,6 +8858,9 @@ msgid ""
"control is evaluated based on the RemoteInteractiveLogonRight and "
"DenyRemoteInteractiveLogonRight policy settings."
msgstr ""
+"Список назв служб PAM, відокремлених комами, для яких керування доступом на "
+"основі GPO засновано на параметрах захисту RemoteInteractiveLogonRight і "
+"DenyRemoteInteractiveLogonRight."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:429
@@ -8624,6 +8877,8 @@ msgid ""
" ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n"
" "
msgstr ""
+" ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n"
+" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:435
@@ -8636,16 +8891,23 @@ msgid ""
"<quote>my_pam_service</quote>), you would use the following configuration: "
"<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
+"Можна додати іншу назву служби PAM до типового набору за допомогою "
+"конструкції «+назва_служби» або явним чином вилучити назву служби PAM з "
+"типового набору за допомогою конструкції «-назва_служби». Наприклад, щоб "
+"замінити типову назву служби PAM для цього входу (наприклад, «sshd») з "
+"нетиповою назвою служби pam (наприклад, «my_pam_service»), вам слід "
+"скористатися такими налаштуваннями: <placeholder type=\"programlisting\" id="
+"\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:452
msgid "sshd"
-msgstr ""
+msgstr "sshd"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:461
msgid "ad_gpo_map_network (string)"
-msgstr ""
+msgstr "ad_gpo_map_network (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:464
@@ -8654,6 +8916,9 @@ msgid ""
"control is evaluated based on the NetworkLogonRight and "
"DenyNetworkLogonRight policy settings."
msgstr ""
+"Список назв служб PAM, відокремлених комами, для яких керування доступом на "
+"основі GPO засновано на параметрах захисту NetworkLogonRight і "
+"DenyNetworkLogonRight."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
#: sssd-ad.5.xml:479
@@ -8662,6 +8927,8 @@ msgid ""
" ad_gpo_map_network = +my_pam_service, -ftp\n"
" "
msgstr ""
+" ad_gpo_map_network = +my_pam_service, -ftp\n"
+" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:470
@@ -8674,21 +8941,28 @@ msgid ""
"<quote>my_pam_service</quote>), you would use the following configuration: "
"<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
+"Можна додати іншу назву служби PAM до типового набору за допомогою "
+"конструкції «+назва_служби» або явним чином вилучити назву служби PAM з "
+"типового набору за допомогою конструкції «-назва_служби». Наприклад, щоб "
+"замінити типову назву служби PAM для цього входу (наприклад, «ftp») з "
+"нетиповою назвою служби pam (наприклад, «my_pam_service»), вам слід "
+"скористатися такими налаштуваннями: <placeholder type=\"programlisting\" id="
+"\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:487
msgid "ftp"
-msgstr ""
+msgstr "ftp"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:492
msgid "samba"
-msgstr ""
+msgstr "samba"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:501
msgid "ad_gpo_map_batch (string)"
-msgstr ""
+msgstr "ad_gpo_map_batch (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:504
@@ -8697,6 +8971,9 @@ msgid ""
"control is evaluated based on the BatchLogonRight and DenyBatchLogonRight "
"policy settings."
msgstr ""
+"Список назв служб PAM, відокремлених комами, для яких керування доступом на "
+"основі GPO засновано на параметрах захисту BatchLogonRight і "
+"DenyBatchLogonRight."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
#: sssd-ad.5.xml:519
@@ -8705,6 +8982,8 @@ msgid ""
" ad_gpo_map_batch = +my_pam_service, -crond\n"
" "
msgstr ""
+" ad_gpo_map_batch = +my_pam_service, -crond\n"
+" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:510
@@ -8717,16 +8996,23 @@ msgid ""
"<quote>my_pam_service</quote>), you would use the following configuration: "
"<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
+"Можна додати іншу назву служби PAM до типового набору за допомогою "
+"конструкції «+назва_служби» або явним чином вилучити назву служби PAM з "
+"типового набору за допомогою конструкції «-назва_служби». Наприклад, щоб "
+"замінити типову назву служби PAM для цього входу (наприклад, «crond») з "
+"нетиповою назвою служби pam (наприклад, «my_pam_service»), вам слід "
+"скористатися такими налаштуваннями: <placeholder type=\"programlisting\" id="
+"\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:527
msgid "crond"
-msgstr ""
+msgstr "crond"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:536
msgid "ad_gpo_map_service (string)"
-msgstr ""
+msgstr "ad_gpo_map_service (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:539
@@ -8735,6 +9021,9 @@ msgid ""
"control is evaluated based on the ServiceLogonRight and "
"DenyServiceLogonRight policy settings."
msgstr ""
+"Список назв служб PAM, відокремлених комами, для яких керування доступом на "
+"основі GPO засновано на параметрах захисту ServiceLogonRight і "
+"DenyServiceLogonRight."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
#: sssd-ad.5.xml:553
@@ -8743,6 +9032,8 @@ msgid ""
" ad_gpo_map_service = +my_pam_service\n"
" "
msgstr ""
+" ad_gpo_map_service = +my_pam_service\n"
+" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:545 sssd-ad.5.xml:615
@@ -8754,11 +9045,17 @@ msgid ""
"would use the following configuration: <placeholder type=\"programlisting\" "
"id=\"0\"/>"
msgstr ""
+"Можна додати іншу назву служби PAM до типового набору за допомогою "
+"конструкції «+назва_служби». Оскільки типовий набір є порожнім, назви служби "
+"з типового набору назв служб PAM вилучити неможливо. Наприклад, щоб додати "
+"нетипову назву служби PAM (наприклад, «my_pam_service»), вам слід "
+"скористатися такими налаштуваннями: <placeholder type=\"programlisting\" id="
+"\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:563
msgid "ad_gpo_map_permit (string)"
-msgstr ""
+msgstr "ad_gpo_map_permit (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:566
@@ -8766,6 +9063,8 @@ msgid ""
"A comma-separated list of PAM service names for which GPO-based access is "
"always granted, regardless of any GPO Logon Rights."
msgstr ""
+"Список назв служб PAM, відокремлених комами, яким завжди надається доступ на "
+"основі GPO, незалежно від будь-яких прав входу GPO."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
#: sssd-ad.5.xml:580
@@ -8774,6 +9073,8 @@ msgid ""
" ad_gpo_map_permit = +my_pam_service, -sudo\n"
" "
msgstr ""
+" ad_gpo_map_permit = +my_pam_service, -sudo\n"
+" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:571
@@ -8786,16 +9087,23 @@ msgid ""
"<quote>my_pam_service</quote>), you would use the following configuration: "
"<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
+"Можна додати іншу назву служби PAM до типового набору за допомогою "
+"конструкції «+назва_служби» або явним чином вилучити назву служби PAM з "
+"типового набору за допомогою конструкції «-назва_служби». Наприклад, щоб "
+"замінити типову назву служби PAM для безумовного дозволеного доступу "
+"(наприклад, «sudo») з нетиповою назвою служби pam (наприклад, "
+"«my_pam_service»), вам слід скористатися такими налаштуваннями: <placeholder "
+"type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:588
msgid "sudo"
-msgstr ""
+msgstr "sudo"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:593
msgid "sudo-i"
-msgstr ""
+msgstr "sudo-i"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:598
@@ -8805,7 +9113,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:607
msgid "ad_gpo_map_deny (string)"
-msgstr ""
+msgstr "ad_gpo_map_deny (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:610
@@ -8813,6 +9121,8 @@ msgid ""
"A comma-separated list of PAM service names for which GPO-based access is "
"always denied, regardless of any GPO Logon Rights."
msgstr ""
+"Список назв служб PAM, відокремлених комами, яким завжди заборонено доступ "
+"на основі GPO, незалежно від будь-яких прав входу GPO."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
#: sssd-ad.5.xml:623
@@ -8821,11 +9131,13 @@ msgid ""
" ad_gpo_map_deny = +my_pam_service\n"
" "
msgstr ""
+" ad_gpo_map_deny = +my_pam_service\n"
+" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:633
msgid "ad_gpo_default_right (string)"
-msgstr ""
+msgstr "ad_gpo_default_right (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:636
@@ -8839,51 +9151,60 @@ msgid ""
"settings. Alternatively, this option can be set to either always permit or "
"always deny access for unmapped PAM service names."
msgstr ""
+"За допомогою цього параметра визначається спосіб керування доступом для назв "
+"служб PAM, які не вказано явним чином у одному з параметрів ad_gpo_map_*. "
+"Цей параметр може бути встановлено у два різних способи. По-перше, цей "
+"параметр можна встановити так, що використовуватиметься типовий вхід. "
+"Наприклад, якщо для цього параметра встановлено значення «interactive», "
+"непов’язані назви служб PAM оброблятимуться на основі параметрів правил "
+"InteractiveLogonRight і DenyInteractiveLogonRight. Крім того, для цього "
+"параметра можна встановити таке значення, щоб система завжди дозволяла або "
+"забороняла доступ для непов’язаних назв служб PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:649
msgid "Supported values for this option include:"
-msgstr ""
+msgstr "Передбачені значення для цього параметра:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:653
msgid "interactive"
-msgstr ""
+msgstr "interactive"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:658
msgid "remote_interactive"
-msgstr ""
+msgstr "remote_interactive"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:663
msgid "network"
-msgstr ""
+msgstr "network"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:668
msgid "batch"
-msgstr ""
+msgstr "batch"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:673
msgid "service"
-msgstr ""
+msgstr "service"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:678
msgid "permit"
-msgstr ""
+msgstr "permit"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ad.5.xml:683
msgid "deny"
-msgstr ""
+msgstr "deny"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:689
msgid "Default: deny"
-msgstr ""
+msgstr "Типове значення: deny"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:698
@@ -8918,12 +9239,12 @@ msgid "Default: True"
msgstr "Типове значення: True"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:797 sssd-krb5.5.xml:496
+#: sssd-ad.5.xml:797 sssd-krb5.5.xml:505
msgid "krb5_use_enterprise_principal (boolean)"
msgstr "krb5_use_enterprise_principal (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:800 sssd-krb5.5.xml:499
+#: sssd-ad.5.xml:800 sssd-krb5.5.xml:508
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
@@ -9000,6 +9321,11 @@ msgid ""
"you need to set all the connection parameters (such as LDAP URIs and "
"encryption details) manually."
msgstr ""
+"Втім, якщо явно не налаштовано засіб надання доступу «ad», типовим засобом "
+"надання доступу буде «permit». Будь ласка, зауважте, що якщо вами "
+"налаштовано засіб надання доступу, відмінний від «ad», вам доведеться "
+"встановлювати усі параметри з’єднання (зокрема адреси LDAP та параметри "
+"шифрування) вручну."
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-sudo.5.xml:10 sssd-sudo.5.xml:16
@@ -9495,6 +9821,10 @@ msgid ""
"signal can be sent to either the sssd process or any sssd_be process "
"directly."
msgstr ""
+"Наказує SSSD імітувати автономну дію, тривалість якої визначається "
+"параметром «offline_timeout». Найкориснішим застосуванням є тестування "
+"служби. Сигнал може бути надіслано або процесу sssd, або процесу sssd_be "
+"безпосередньо."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.8.xml:182
@@ -9508,6 +9838,9 @@ msgid ""
"signal can be sent to either the sssd process or any sssd_be process "
"directly."
msgstr ""
+"Наказує SSSD перейти у режим роботи у мережі негайно. Найкориснішим "
+"застосуванням є тестування служби. Сигнал може бути надіслано або процесу "
+"sssd, або процесу sssd_be безпосередньо."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.8.xml:197
@@ -10143,16 +10476,32 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:225
+#, fuzzy
+#| msgid ""
+#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the "
+#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+#| "manvolnum> </citerefentry> manual page for more details."
+msgid ""
+"NOTE: Please be aware that libkrb5 ccache expansion template from "
+"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> uses different expansion sequences than SSSD."
+msgstr ""
+"З докладнішими відомостями щодо параметра «dns_discovery_domain» можна "
+"ознайомитися на сторінці підручника (man) <citerefentry> <refentrytitle>sssd."
+"conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:234
msgid "Default: (from libkrb5)"
msgstr "Типове значення: (з libkrb5)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:231
+#: sssd-krb5.5.xml:240
msgid "krb5_auth_timeout (integer)"
msgstr "krb5_auth_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:234
+#: sssd-krb5.5.xml:243
msgid ""
"Timeout in seconds after an online authentication request or change password "
"request is aborted. If possible, the authentication request is continued "
@@ -10163,7 +10512,7 @@ msgstr ""
"розпізнавання буде продовжено у автономному режимі."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:248
+#: sssd-krb5.5.xml:257
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed. The keytab is checked for entries sequentially, and the first entry "
@@ -10182,12 +10531,12 @@ msgstr ""
"його єдиним записом у файлі таблиці ключів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:263
+#: sssd-krb5.5.xml:272
msgid "krb5_keytab (string)"
msgstr "krb5_keytab (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:275
msgid ""
"The location of the keytab to use when validating credentials obtained from "
"KDCs."
@@ -10196,17 +10545,17 @@ msgstr ""
"реєстраційних даних, отриманих від KDC."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:270
+#: sssd-krb5.5.xml:279
msgid "Default: /etc/krb5.keytab"
msgstr "Типове значення: /etc/krb5.keytab"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:276
+#: sssd-krb5.5.xml:285
msgid "krb5_store_password_if_offline (boolean)"
msgstr "krb5_store_password_if_offline (булівське значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:279
+#: sssd-krb5.5.xml:288
msgid ""
"Store the password of the user if the provider is offline and use it to "
"request a TGT when the provider comes online again."
@@ -10216,7 +10565,7 @@ msgstr ""
"перевірки."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:284
+#: sssd-krb5.5.xml:293
msgid ""
"NOTE: this feature is only available on Linux. Passwords stored in this way "
"are kept in plaintext in the kernel keyring and are potentially accessible "
@@ -10228,12 +10577,12 @@ msgstr ""
"користувач (root), але йому для цього слід буде подолати деякі перешкоди."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:297
+#: sssd-krb5.5.xml:306
msgid "krb5_renewable_lifetime (string)"
msgstr "krb5_renewable_lifetime (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:300
+#: sssd-krb5.5.xml:309
msgid ""
"Request a renewable ticket with a total lifetime, given as an integer "
"immediately followed by a time unit:"
@@ -10242,34 +10591,34 @@ msgstr ""
"за допомогою цілого числа, за яким одразу вказано одиницю часу:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:305 sssd-krb5.5.xml:339 sssd-krb5.5.xml:376
+#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
msgid "<emphasis>s</emphasis> for seconds"
msgstr "<emphasis>s</emphasis> — секунди"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:308 sssd-krb5.5.xml:342 sssd-krb5.5.xml:379
+#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:351 sssd-krb5.5.xml:388
msgid "<emphasis>m</emphasis> for minutes"
msgstr "<emphasis>m</emphasis> — хвилини"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:311 sssd-krb5.5.xml:345 sssd-krb5.5.xml:382
+#: sssd-krb5.5.xml:320 sssd-krb5.5.xml:354 sssd-krb5.5.xml:391
msgid "<emphasis>h</emphasis> for hours"
msgstr "<emphasis>h</emphasis> — години"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
+#: sssd-krb5.5.xml:323 sssd-krb5.5.xml:357 sssd-krb5.5.xml:394
msgid "<emphasis>d</emphasis> for days."
msgstr "<emphasis>d</emphasis> — дні."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:388
+#: sssd-krb5.5.xml:326 sssd-krb5.5.xml:397
msgid "If there is no unit given, <emphasis>s</emphasis> is assumed."
msgstr ""
"Якщо одиниці часу не буде вказано, вважатиметься, що використано одиницю "
"<emphasis>s</emphasis>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:321 sssd-krb5.5.xml:392
+#: sssd-krb5.5.xml:330 sssd-krb5.5.xml:401
msgid ""
"NOTE: It is not possible to mix units. To set the renewable lifetime to one "
"and a half hours, use '90m' instead of '1h30m'."
@@ -10279,17 +10628,17 @@ msgstr ""
"«1h30m»."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:326
+#: sssd-krb5.5.xml:335
msgid "Default: not set, i.e. the TGT is not renewable"
msgstr "Типове значення: не встановлено, тобто TGT не є оновлюваним"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:332
+#: sssd-krb5.5.xml:341
msgid "krb5_lifetime (string)"
msgstr "krb5_lifetime (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:335
+#: sssd-krb5.5.xml:344
msgid ""
"Request ticket with a lifetime, given as an integer immediately followed by "
"a time unit:"
@@ -10298,14 +10647,14 @@ msgstr ""
"цілого числа, за яким одразу вказано одиницю часу:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:351
+#: sssd-krb5.5.xml:360
msgid "If there is no unit given <emphasis>s</emphasis> is assumed."
msgstr ""
"Якщо одиниці часу не буде вказано, вважатиметься, що використано одиницю "
"<emphasis>s</emphasis>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:355
+#: sssd-krb5.5.xml:364
msgid ""
"NOTE: It is not possible to mix units. To set the lifetime to one and a "
"half hours please use '90m' instead of '1h30m'."
@@ -10315,7 +10664,7 @@ msgstr ""
"«1h30m»."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:360
+#: sssd-krb5.5.xml:369
msgid ""
"Default: not set, i.e. the default ticket lifetime configured on the KDC."
msgstr ""
@@ -10323,12 +10672,12 @@ msgstr ""
"визначатиметься у налаштуваннях KDC."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:367
+#: sssd-krb5.5.xml:376
msgid "krb5_renew_interval (string)"
msgstr "krb5_renew_interval (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:370
+#: sssd-krb5.5.xml:379
msgid ""
"The time in seconds between two checks if the TGT should be renewed. TGTs "
"are renewed if about half of their lifetime is exceeded, given as an integer "
@@ -10340,14 +10689,14 @@ msgstr ""
"одиниці часу:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:397
+#: sssd-krb5.5.xml:406
msgid "If this option is not set or is 0 the automatic renewal is disabled."
msgstr ""
"Якщо значення для цього параметра встановлено не буде або буде встановлено "
"значення 0, автоматичного оновлення не відбуватиметься."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:415
+#: sssd-krb5.5.xml:424
msgid ""
"<emphasis>never</emphasis> use FAST. This is equivalent to not setting this "
"option at all."
@@ -10356,7 +10705,7 @@ msgstr ""
"якого значення цього параметра взагалі не задається."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:419
+#: sssd-krb5.5.xml:428
msgid ""
"<emphasis>try</emphasis> to use FAST. If the server does not support FAST, "
"continue the authentication without it."
@@ -10365,30 +10714,30 @@ msgstr ""
"передбачено підтримки FAST, продовжити розпізнавання без FAST."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:429
+#: sssd-krb5.5.xml:438
msgid "Default: not set, i.e. FAST is not used."
msgstr "Типове значення: не встановлено, тобто FAST не використовується."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:432
+#: sssd-krb5.5.xml:441
msgid "NOTE: a keytab is required to use FAST."
msgstr ""
"Зауваження: будь ласка, зауважте, що для використання FAST потрібна таблиця "
"ключів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:444
+#: sssd-krb5.5.xml:453
msgid "krb5_fast_principal (string)"
msgstr "krb5_fast_principal (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:447
+#: sssd-krb5.5.xml:456
msgid "Specifies the server principal to use for FAST."
msgstr ""
"Визначає реєстраційний запис сервера, який слід використовувати для FAST."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:456
+#: sssd-krb5.5.xml:465
msgid ""
"Specifies if the host and user principal should be canonicalized. This "
"feature is available with MIT Kerberos 1.7 and later versions."
@@ -10397,10 +10746,45 @@ msgstr ""
"канонічну форму. Цю можливість передбачено з версії MIT Kerberos 1.7."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:505
+#: sssd-krb5.5.xml:514
msgid "Default: false (AD provider: true)"
msgstr "Типове значення: false (надається AD: true)"
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:520
+#, fuzzy
+#| msgid "krb5_use_fast (string)"
+msgid "krb5_map_user (string)"
+msgstr "krb5_use_fast (рядок)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:523
+msgid ""
+"The list of mappings is given as a comma-separated list of pairs "
+"<quote>username:primary</quote> where <quote>username</quote> is a UNIX user "
+"name and <quote>primary</quote> is a user part of a kerberos principal. This "
+"mapping is used when user is authenticating using <quote>auth_provider = "
+"krb5</quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-krb5.5.xml:535
+#, no-wrap
+msgid ""
+"krb5_realm = REALM\n"
+"krb5_map_user = joe:juser,dick:richard\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:540
+msgid ""
+"<quote>joe</quote> and <quote>dick</quote> are UNIX user names and "
+"<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos "
+"principals. For user <quote>joe</quote> resp. <quote>dick</quote> SSSD will "
+"try to kinit as <quote>juser@REALM</quote> resp. <quote>richard@REALM</"
+"quote>."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:65
msgid ""
@@ -10417,7 +10801,7 @@ msgstr ""
"про налаштування домену SSSD. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:521
+#: sssd-krb5.5.xml:566
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -10430,7 +10814,7 @@ msgstr ""
"Kerberos, там не вказано інструменту обробки профілів."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:529
+#: sssd-krb5.5.xml:574
#, no-wrap
msgid ""
" [domain/FOO]\n"
@@ -10973,16 +11357,18 @@ msgid ""
"<option>-h</option>,<option>--ssh-host</option> <replaceable>hostname</"
"replaceable>"
msgstr ""
+"<option>-h</option>,<option>--ssh-host</option> <replaceable>назва вузла</"
+"replaceable>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:167
msgid "Invalidate SSH public keys of a specific host."
-msgstr ""
+msgstr "Скасувати чинність відкритих ключів SSH певного вузла."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:173
msgid "<option>-H</option>,<option>--ssh-hosts</option>"
-msgstr ""
+msgstr "<option>-H</option>,<option>--ssh-hosts</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:177
@@ -10990,6 +11376,9 @@ msgid ""
"Invalidate SSH public keys of all hosts. This option overrides invalidation "
"of SSH public keys of specific host if it was also set."
msgstr ""
+"Скасувати чинність усіх відкритих ключів SSH усіх вузлів. Цей параметр "
+"перевизначає скасовування чинності ключів SSH певних вузлів, якщо для них "
+"було використано таке скасовування."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:185
@@ -11376,21 +11765,27 @@ msgid ""
"<contrib>Developer (2014-)</contrib> <email>tsnoam@gmail.com</email> </"
"author>"
msgstr ""
+"<productname>sss rpc.idmapd plugin</productname> <author> <firstname>Noam</"
+"firstname> <surname>Meltzer</surname> <affiliation> <orgname>Primary Data "
+"Inc.</orgname> </affiliation> <contrib>Розробник (2013-2014)</contrib> </"
+"author> <author> <firstname>Noam</firstname> <surname>Meltzer</surname> "
+"<contrib>Розробник (2014-)</contrib> <email>tsnoam@gmail.com</email> </"
+"author>"
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_rpcidmapd.5.xml:26 sss_rpcidmapd.5.xml:32
msgid "sss_rpcidmapd"
-msgstr ""
+msgstr "sss_rpcidmapd"
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sss_rpcidmapd.5.xml:33
msgid "sss plugin configuration directives for rpc.idmapd"
-msgstr ""
+msgstr "Директиви налаштовування додатка sss для rpc.idmapd"
#. type: Content of: <reference><refentry><refsect1><title>
#: sss_rpcidmapd.5.xml:37
msgid "CONFIGURATION FILE"
-msgstr ""
+msgstr "ФАЙЛ НАЛАШТУВАНЬ"
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_rpcidmapd.5.xml:39
@@ -11399,16 +11794,20 @@ msgid ""
"conf</emphasis>. See <citerefentry> <refentrytitle>idmapd.conf</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more information."
msgstr ""
+"Файл налаштувань rpc.idmapd зазвичай зберігається тут: <emphasis>/etc/idmapd."
+"conf</emphasis>. Див. підручник з <citerefentry> <refentrytitle>idmapd.conf</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>, щоб дізнатися "
+"більше.\n"
#. type: Content of: <reference><refentry><refsect1><title>
#: sss_rpcidmapd.5.xml:49
msgid "SSS CONFIGURATION EXTENSION"
-msgstr ""
+msgstr "РОЗШИРЕННЯ НАЛАШТОВУВАННЯ SSS"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sss_rpcidmapd.5.xml:51
msgid "Enable SSS plugin"
-msgstr ""
+msgstr "Вмикання додатка SSS"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sss_rpcidmapd.5.xml:53
@@ -11416,11 +11815,13 @@ msgid ""
"In section <quote>[Translation]</quote>, modify/set <quote>Method</quote> "
"attribute to contain <emphasis>sss</emphasis>."
msgstr ""
+"У розділі «[Translation]» змініть або додайте атрибут «Method» із вмістом "
+"<emphasis>sss</emphasis>."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sss_rpcidmapd.5.xml:59
msgid "[sss] config section"
-msgstr ""
+msgstr "Розділ налаштовування [sss]"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
#: sss_rpcidmapd.5.xml:61
@@ -11429,26 +11830,29 @@ msgid ""
"<emphasis>sss</emphasis> plugin listed below you will need to create a "
"config section for it, named <quote>[sss]</quote>."
msgstr ""
+"Якщо вам потрібно змінити типове значення одного з атрибутів налаштувань, "
+"перелічених нижче, додатка <emphasis>sss</emphasis>, вам слід створити "
+"розділ налаштувань для нього з назвою «[sss]»."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
#: sss_rpcidmapd.5.xml:67
msgid "Configuration attributes"
-msgstr ""
+msgstr "Атрибути налаштувань"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#: sss_rpcidmapd.5.xml:69
msgid "memcache (bool)"
-msgstr ""
+msgstr "memcache (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sss_rpcidmapd.5.xml:72
msgid "Indicates whether or not to use memcache optimisation technique."
-msgstr ""
+msgstr "Визначає, чи слід використовувати методику оптимізації кешу у пам’яті."
#. type: Content of: <reference><refentry><refsect1><title>
#: sss_rpcidmapd.5.xml:85
msgid "SSSD INTEGRATION"
-msgstr ""
+msgstr "ІНТЕГРАЦІЯ З SSSD"
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_rpcidmapd.5.xml:87
@@ -11456,6 +11860,7 @@ msgid ""
"The sss plugin requires the <emphasis>NSS Responder</emphasis> to be enabled "
"in sssd."
msgstr ""
+"Додаток sss потребує вмикання <emphasis>Відповідача NSS</emphasis> у sssd."
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_rpcidmapd.5.xml:91
@@ -11464,6 +11869,8 @@ msgid ""
"all domains (NFSv4 clients expect a fully qualified name to be sent on the "
"wire)."
msgstr ""
+"Атрибут «use_fully_qualified_names» має бути увімкнено для усіх доменів "
+"(клієнти NFSv4 очікують на те, що надсилається назва повністю)."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sss_rpcidmapd.5.xml:103
@@ -11482,6 +11889,18 @@ msgid ""
"[Translation]\n"
"Method = sss\n"
msgstr ""
+"[General]\n"
+"Verbosity = 2\n"
+"# домен має бути синхронізовано між сервером NFSv4 та клієнтами\n"
+"# У Solaris/Illumos/AIX типово використовується \"локальний домен\"!\n"
+"Domain = default\n"
+"\n"
+"[Mapping]\n"
+"Nobody-User = nfsnobody\n"
+"Nobody-Group = nfsnobody\n"
+"\n"
+"[Translation]\n"
+"Method = sss\n"
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_rpcidmapd.5.xml:100
@@ -11489,6 +11908,9 @@ msgid ""
"The following example shows a minimal idmapd.conf which makes use of the sss "
"plugin. <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
+"У наведеному нижче прикладі показано мінімальний вигляд idmapd.conf, де "
+"використовується додаток sss. <placeholder type=\"programlisting\" id=\"0\"/"
+">"
#. type: Content of: <refsect1><title>
#: sss_rpcidmapd.5.xml:120 include/seealso.xml:2
@@ -11502,6 +11924,9 @@ msgid ""
"citerefentry>, <citerefentry> <refentrytitle>idmapd.conf</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry>"
msgstr ""
+"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>idmapd.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry>"
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15
@@ -12663,6 +13088,46 @@ msgid ""
"<refentrytitle>sss_rpcidmapd</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry>"
msgstr ""
+"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sssd.conf</"
+"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</"
+"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sssd-simple</refentrytitle><manvolnum>5</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sssd-ipa</"
+"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sssd-ad</refentrytitle><manvolnum>5</manvolnum> </"
+"citerefentry>, <phrase condition=\"with_sudo\"> <citerefentry> "
+"<refentrytitle>sssd-sudo</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry>, </phrase> <citerefentry> <refentrytitle>sss_cache</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_debuglevel</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_obfuscate</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_seed</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle><manvolnum>8</"
+"manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> <citerefentry> "
+"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>8</"
+"manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</"
+"manvolnum> </citerefentry>, </phrase> <phrase condition=\"with_ifp\"> "
+"<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>. <citerefentry> "
+"<refentrytitle>sss_rpcidmapd</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry>"
#. type: Content of: <listitem><para>
#: include/ldap_search_bases.xml:3
@@ -12756,7 +13221,7 @@ msgstr "ім’я користувача повністю (користувач@
#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: include/override_homedir.xml:28
msgid "UPN - User Principal Name (name@REALM)"
-msgstr ""
+msgstr "UPN - User Principal Name (ім’я@ОБЛАСТЬ)"
#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
#: include/override_homedir.xml:31
@@ -12850,3 +13315,15 @@ msgstr "Типове значення: /home"
#~ msgstr ""
#~ "Додати значення мікросекунд до часової позначки у діагностичних "
#~ "повідомленнях"
+
+#~ msgid ""
+#~ "Also please note that if there is a user name in pam_trusted_users list "
+#~ "which fails to be resolved it will cause that SSSD will not be started."
+#~ msgstr ""
+#~ "Також зауважте, що якщо у списку pam_trusted_users є ім’я користувача, "
+#~ "яке не вдається обробити, SSSD не буде запущено."
+
+#~ msgid "Currently only refreshing expired netgroups is supported."
+#~ msgstr ""
+#~ "У поточній версії передбачено оновлення лише застарілих записів мережевих "
+#~ "груп."
diff --git a/src/man/po/zh-CN.po b/src/man/po/zh-CN.po
new file mode 100644
index 000000000..e027e0ec1
--- /dev/null
+++ b/src/man/po/zh-CN.po
@@ -0,0 +1,10227 @@
+# SOME DESCRIPTIVE TITLE
+# Copyright (C) YEAR Red Hat
+# This file is distributed under the same license as the sssd-docs package.
+#
+# Translators:
+# Christopher Meng <cickumqt@gmail.com>, 2012
+msgid ""
+msgstr ""
+"Project-Id-Version: sssd-docs 1.12.2\n"
+"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
+"POT-Creation-Date: 2014-10-20 16:36+0300\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"PO-Revision-Date: 2014-06-04 02:04-0400\n"
+"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
+"Language-Team: Chinese (China) (http://www.transifex.com/projects/p/sssd/"
+"language/zh_CN/)\n"
+"Language: zh-CN\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+"X-Generator: Zanata 3.5.1\n"
+
+#. type: Content of: <reference><title>
+#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 sssd-ad.5.xml:5 sssd-sudo.5.xml:5 sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5 sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_rpcidmapd.5.xml:5 sss_ssh_authorizedkeys.1.xml:5 sss_ssh_knownhostsproxy.1.xml:5
+msgid "SSSD Manual pages"
+msgstr "SSSD 手册页面"
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15
+msgid "sss_groupmod"
+msgstr "sss_groupmod"
+
+#. type: Content of: <reference><refentry><refmeta><manvolnum>
+#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 sss_groupshow.8.xml:11 sss_usermod.8.xml:11 sss_cache.8.xml:11 sss_debuglevel.8.xml:11 sss_seed.8.xml:11
+msgid "8"
+msgstr "8"
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_groupmod.8.xml:16
+msgid "modify a group"
+msgstr "变更一个组"
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_groupmod.8.xml:21
+msgid ""
+"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
+"arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:53 sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 sssd-ad.5.xml:21 sssd-sudo.5.xml:21 sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 sss_cache.8.xml:29 sss_debuglevel.8.xml:30 sss_seed.8.xml:31 sssd-ifp.5.xml:21 sss_ssh_authorizedkeys.1.xml:30 sss_ssh_knownhostsproxy.1.xml:31
+msgid "DESCRIPTION"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupmod.8.xml:32
+msgid ""
+"<command>sss_groupmod</command> modifies the group to reflect the changes "
+"that are specified on the command line."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sss_groupmod.8.xml:39 pam_sss.8.xml:60 sssd.8.xml:42 sss_obfuscate.8.xml:58 sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 sss_cache.8.xml:38 sss_debuglevel.8.xml:38 sss_seed.8.xml:42 sss_ssh_authorizedkeys.1.xml:75 sss_ssh_knownhostsproxy.1.xml:62
+msgid "OPTIONS"
+msgstr "选项"
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77
+msgid ""
+"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</"
+"replaceable>"
+msgstr ""
+"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</"
+"replaceable>"
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_groupmod.8.xml:48
+msgid ""
+"Append this group to groups specified by the <replaceable>GROUPS</"
+"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is "
+"a comma separated list of group names."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91
+msgid ""
+"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</"
+"replaceable>"
+msgstr ""
+"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</"
+"replaceable>"
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_groupmod.8.xml:62
+msgid ""
+"Remove this group from groups specified by the <replaceable>GROUPS</"
+"replaceable> parameter."
+msgstr ""
+"Remove this group from groups specified by the <replaceable>GROUPS</"
+"replaceable> parameter."
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd.conf.5.xml:10 sssd.conf.5.xml:16
+msgid "sssd.conf"
+msgstr "sssd.conf"
+
+#. type: Content of: <reference><refentry><refmeta><manvolnum>
+#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 sssd-krb5.5.xml:11 sssd-ifp.5.xml:11 sss_rpcidmapd.5.xml:27
+msgid "5"
+msgstr "5"
+
+#. type: Content of: <reference><refentry><refmeta><refmiscinfo>
+#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 sssd-krb5.5.xml:12 sssd-ifp.5.xml:12 sss_rpcidmapd.5.xml:28
+msgid "File Formats and Conventions"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd.conf.5.xml:17
+msgid "the configuration file for SSSD"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:21
+msgid "FILE FORMAT"
+msgstr "文件格式"
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd.conf.5.xml:29
+#, no-wrap
+msgid ""
+" <replaceable>[section]</replaceable>\n"
+" <replaceable>key</replaceable> = <replaceable>value</"
+"replaceable>\n"
+" <replaceable>key2</replaceable> = "
+"<replaceable>value2,value3</replaceable>\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:24
+msgid ""
+"The file has an ini-style syntax and consists of sections and parameters. A "
+"section begins with the name of the section in square brackets and continues "
+"until the next section begins. An example of section with single and multi-"
+"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:36
+msgid ""
+"The data types used are string (no quotes needed), integer and bool (with "
+"values of <quote>TRUE/FALSE</quote>)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:41
+msgid ""
+"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon "
+"(<quote>;</quote>). Inline comments are not supported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:47
+msgid ""
+"All sections can have an optional <replaceable>description</replaceable> "
+"parameter. Its function is only as a label for the section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:53
+msgid ""
+"<filename>sssd.conf</filename> must be a regular file, owned by root and "
+"only root may read from or write to the file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:59
+msgid "GENERAL OPTIONS"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:61
+msgid "Following options are usable in more than one configuration sections."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:65
+msgid "Options usable in all sections"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:69
+msgid "debug_level (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:73
+msgid "debug_timestamps (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:76
+msgid "Add a timestamp to the debug messages"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:79 sssd.conf.5.xml:554 sssd.conf.5.xml:966 sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1756 sssd-ldap.5.xml:2242 sssd-ldap.5.xml:2307 sssd-ldap.5.xml:2325 sssd-ipa.5.xml:375 sssd-ipa.5.xml:410 sssd-ad.5.xml:166 sssd-ad.5.xml:250 sssd-ad.5.xml:684 sssd-ad.5.xml:773 sssd-krb5.5.xml:490
+msgid "Default: true"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:84
+msgid "debug_microseconds (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:87
+msgid "Add microseconds to the timestamp in debug messages"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:90 sssd.conf.5.xml:920 sssd.conf.5.xml:1992 sssd-ldap.5.xml:678 sssd-ldap.5.xml:1471 sssd-ldap.5.xml:1490 sssd-ldap.5.xml:1666 sssd-ldap.5.xml:2029 sssd-ipa.5.xml:139 sssd-ipa.5.xml:205 sssd-ipa.5.xml:522 sssd-krb5.5.xml:257 sssd-krb5.5.xml:291 sssd-krb5.5.xml:462
+msgid "Default: false"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2050
+msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:99
+msgid "Options usable in SERVICE and DOMAIN sections"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:103
+msgid "timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:106
+msgid ""
+"Timeout in seconds between heartbeats for this service. This is used to "
+"ensure that the process is alive and capable of answering requests."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1342
+msgid "Default: 10"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:121
+msgid "SPECIAL SECTIONS"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:124
+msgid "The [sssd] section"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
+#: sssd.conf.5.xml:133 sssd.conf.5.xml:2076
+msgid "Section parameters"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:135
+msgid "config_file_version (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:138
+msgid ""
+"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use "
+"version 2."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:144
+msgid "services"
+msgstr "服务"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:147
+msgid ""
+"Comma separated list of services that are started when sssd itself starts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:151
+msgid ""
+"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase> "
+"<phrase condition=\"with_autofs\">, autofs</phrase> <phrase condition="
+"\"with_ssh\">, ssh</phrase> <phrase condition=\"with_pac_responder\">, pac</"
+"phrase> <phrase condition=\"with_ifp\">, ifp</phrase>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:161 sssd.conf.5.xml:370
+msgid "reconnection_retries (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:164 sssd.conf.5.xml:373
+msgid ""
+"Number of times services should attempt to reconnect in the event of a Data "
+"Provider crash or restart before they give up"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:169 sssd.conf.5.xml:378
+msgid "Default: 3"
+msgstr "默认: 3"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:174
+msgid "domains"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:177
+msgid ""
+"A domain is a database containing user information. SSSD can use more "
+"domains at the same time, but at least one must be configured or SSSD won't "
+"start. This parameter described the list of domains in the order you want "
+"them to be queried. A domain name should only consist of alphanumeric ASCII "
+"characters, dashes and underscores."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:189 sssd.conf.5.xml:1778
+msgid "re_expression (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:192
+msgid ""
+"Default regular expression that describes how to parse the string containing "
+"user name and domain into these components."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:197
+msgid ""
+"Each domain can have an individual regular expression configured. For some "
+"ID providers there are also default regular expressions. See DOMAIN "
+"SECTIONS for more info on these regular expressions."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:206 sssd.conf.5.xml:1829
+msgid "full_name_format (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:209 sssd.conf.5.xml:1832
+msgid ""
+"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
+"manvolnum> </citerefentry>-compatible format that describes how to compose a "
+"fully qualified name from user name and domain name components."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:220 sssd.conf.5.xml:1843
+msgid "%1$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:221 sssd.conf.5.xml:1844
+msgid "user name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:224 sssd.conf.5.xml:1847
+msgid "%2$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:227 sssd.conf.5.xml:1850
+msgid "domain name as specified in the SSSD config file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:233 sssd.conf.5.xml:1856
+msgid "%3$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:236 sssd.conf.5.xml:1859
+msgid ""
+"domain flat name. Mostly usable for Active Directory domains, both directly "
+"configured or discovered via IPA trusts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:217 sssd.conf.5.xml:1840
+msgid ""
+"The following expansions are supported: <placeholder type=\"variablelist\" "
+"id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:246
+msgid ""
+"Each domain can have an individual format string configured. see DOMAIN "
+"SECTIONS for more info on this option."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:252
+msgid "try_inotify (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:255
+msgid ""
+"SSSD monitors the state of resolv.conf to identify when it needs to update "
+"its internal DNS resolver. By default, we will attempt to use inotify for "
+"this, and will fall back to polling resolv.conf every five seconds if "
+"inotify cannot be used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:263
+msgid ""
+"There are some limited situations where it is preferred that we should skip "
+"even trying to use inotify. In these rare cases, this option should be set "
+"to 'false'"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:269
+msgid ""
+"Default: true on platforms where inotify is supported. False on other "
+"platforms."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:273
+msgid ""
+"Note: this option will have no effect on platforms where inotify is "
+"unavailable. On these platforms, polling will always be used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:280
+msgid "krb5_rcache_dir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:283
+msgid ""
+"Directory on the filesystem where SSSD should store Kerberos replay cache "
+"files."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:287
+msgid ""
+"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
+"SSSD to let libkrb5 decide the appropriate location for the replay cache."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:293
+msgid ""
+"Default: Distribution-specific and specified at build-time. "
+"(__LIBKRB5_DEFAULTS__ if not configured)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:300
+msgid "default_domain_suffix (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:303
+msgid ""
+"This string will be used as a default domain name for all names without a "
+"domain name component. The main use case is environments where the primary "
+"domain is intended for managing host policies and all users are located in a "
+"trusted domain. The option allows those users to log in just with their "
+"user name without giving a domain name as well."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:313
+msgid ""
+"Please note that if this option is set all users from the primary domain "
+"have to use their fully qualified name, e.g. user@domain.name, to log in."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:319 sssd-ldap.5.xml:649 sssd-ldap.5.xml:1430 sssd-ldap.5.xml:1442 sssd-ldap.5.xml:1524 sssd-ad.5.xml:532 sssd-ad.5.xml:597 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214
+msgid "Default: not set"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:324
+msgid "override_space (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:327
+msgid ""
+"This parameter will replace spaces (space bar) with the given character for "
+"user and group names. e.g. (_). User name &quot;john doe&quot; will be "
+"&quot;john_doe&quot; This feature was added to help compatibility with shell "
+"scripts that have difficulty handling spaces, due to the default field "
+"separator in the shell."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:336
+msgid ""
+"Please note it is a configuration error to use a replacement character that "
+"might be used in user or group names. If a name contains the replacement "
+"character SSSD tries to return the unmodified name but in general the result "
+"of a lookup is undefined."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:344
+msgid "Default: not set (spaces will not be replaced)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:126
+msgid ""
+"Individual pieces of SSSD functionality are provided by special SSSD "
+"services that are started and stopped together with SSSD. The services are "
+"managed by a special service frequently called <quote>monitor</quote>. The "
+"<quote>[sssd]</quote> section is used to configure the monitor as well as "
+"some other important options like the identity domains. <placeholder type="
+"\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:355
+msgid "SERVICES SECTIONS"
+msgstr "服务部分"
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:357
+msgid ""
+"Settings that can be used to configure different services are described in "
+"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
+"section, for example, for NSS service, the section would be <quote>[nss]</"
+"quote>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:364
+msgid "General service configuration options"
+msgstr "基本服务配置选项"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:366
+msgid "These options can be used to configure any service."
+msgstr "这些选项可被用于配置任何服务。"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:383
+msgid "fd_limit"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:386
+msgid ""
+"This option specifies the maximum number of file descriptors that may be "
+"opened at one time by this SSSD process. On systems where SSSD is granted "
+"the CAP_SYS_RESOURCE capability, this will be an absolute setting. On "
+"systems without this capability, the resulting value will be the lower value "
+"of this or the limits.conf \"hard\" limit."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:395
+msgid "Default: 8192 (or limits.conf \"hard\" limit)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:400
+msgid "client_idle_timeout"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:403
+msgid ""
+"This option specifies the number of seconds that a client of an SSSD process "
+"can hold onto a file descriptor without communicating on it. This value is "
+"limited in order to avoid resource exhaustion on the system."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:410 sssd.conf.5.xml:426 sssd.conf.5.xml:458 sssd.conf.5.xml:675 sssd.conf.5.xml:835 sssd.conf.5.xml:1161 sssd-ldap.5.xml:1172
+msgid "Default: 60"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:415 sssd.conf.5.xml:1150
+msgid "force_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:418 sssd.conf.5.xml:1153
+msgid ""
+"If a service is not responding to ping checks (see the <quote>timeout</"
+"quote> option), it is first sent the SIGTERM signal that instructs it to "
+"quit gracefully. If the service does not terminate after "
+"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
+"by sending a SIGKILL signal."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:431
+msgid "offline_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:434
+msgid ""
+"When SSSD switches to offline mode the amount of time before it tries to go "
+"back online will increase based upon the time spent disconnected. This "
+"value is in seconds and calculated by the following:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:441
+msgid "offline_timeout + random_offset"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:444
+msgid ""
+"The random offset can increment up to 30 seconds. After each unsuccessful "
+"attempt to go online, the new interval is recalculated by the following:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:449
+msgid "new_interval = old_interval*2 + random_offset"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:452
+msgid ""
+"Note that the maximum length of each interval is currently limited to one "
+"hour. If the calculated length of new_interval is greater than an hour, it "
+"will be forced to one hour."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:467
+msgid "NSS configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:469
+msgid ""
+"These options can be used to configure the Name Service Switch (NSS) service."
+""
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:474
+msgid "enum_cache_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:477
+msgid ""
+"How many seconds should nss_sss cache enumerations (requests for info about "
+"all users)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:481
+msgid "Default: 120"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:486
+msgid "entry_cache_nowait_percentage (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:489
+msgid ""
+"The entry cache can be set to automatically update entries in the background "
+"if they are requested beyond a percentage of the entry_cache_timeout value "
+"for the domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:495
+msgid ""
+"For example, if the domain's entry_cache_timeout is set to 30s and "
+"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
+"after 15 seconds past the last cache update will be returned immediately, "
+"but the SSSD will go and update the cache on its own, so that future "
+"requests will not need to block waiting for a cache update."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:505
+msgid ""
+"Valid values for this option are 0-99 and represent a percentage of the "
+"entry_cache_timeout for each domain. For performance reasons, this "
+"percentage will never reduce the nowait timeout to less than 10 seconds. (0 "
+"disables this feature)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:513
+msgid "Default: 50"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:518
+msgid "entry_negative_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:521
+msgid ""
+"Specifies for how many seconds nss_sss should cache negative cache hits "
+"(that is, queries for invalid database entries, like nonexistent ones) "
+"before asking the back end again."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:527 sssd.conf.5.xml:944
+msgid "Default: 15"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:532
+msgid "filter_users, filter_groups (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:535
+msgid ""
+"Exclude certain users from being fetched from the sss NSS database. This is "
+"particularly useful for system accounts. This option can also be set per-"
+"domain or include fully-qualified names to filter only users from the "
+"particular domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:542
+msgid "Default: root"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:547
+msgid "filter_users_in_groups (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:550
+msgid ""
+"If you want filtered user still be group members set this option to false."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:561
+msgid "fallback_homedir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:564
+msgid ""
+"Set a default template for a user's home directory if one is not specified "
+"explicitly by the domain's data provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:569
+msgid ""
+"The available values for this option are the same as for override_homedir."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:575
+#, no-wrap
+msgid "fallback_homedir = /home/%u\n"
+" "
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para>
+#: sssd.conf.5.xml:573 include/override_homedir.xml:55
+msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:579
+msgid "Default: not set (no substitution for unset home directories)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:585
+msgid "override_shell (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:588
+msgid ""
+"Override the login shell for all users. This option supersedes any other "
+"shell options if it takes effect and can be set either in the [nss] section "
+"or per-domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:594
+msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:600
+msgid "allowed_shells (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:603
+msgid ""
+"Restrict user shell to one of the listed values. The order of evaluation is:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:606
+msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:610
+msgid ""
+"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
+"quote>, use the value of the shell_fallback parameter."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:615
+msgid ""
+"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
+"shells</quote>, a nologin shell is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:620
+msgid "An empty string for shell is passed as-is to libc."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:623
+msgid ""
+"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
+"that a restart of the SSSD is required in case a new shell is installed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:627
+msgid "Default: Not set. The user shell is automatically used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:632
+msgid "vetoed_shells (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:635
+msgid "Replace any instance of these shells with the shell_fallback"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:640
+msgid "shell_fallback (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:643
+msgid ""
+"The default shell to use if an allowed shell is not installed on the machine."
+""
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:647
+msgid "Default: /bin/sh"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:652
+msgid "default_shell"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:655
+msgid ""
+"The default shell to use if the provider does not return one during lookup. "
+"This option can be specified globally in the [nss] section or per-domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:661
+msgid ""
+"Default: not set (Return NULL if no shell is specified and rely on libc to "
+"substitute something sensible when necessary, usually /bin/sh)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:668 sssd.conf.5.xml:828
+msgid "get_domains_timeout (int)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:671 sssd.conf.5.xml:831
+msgid ""
+"Specifies time in seconds for which the list of subdomains will be "
+"considered valid."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:680
+msgid "memcache_timeout (int)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:683
+msgid ""
+"Specifies time in seconds for which records in the in-memory cache will be "
+"valid"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:687 sssd-ldap.5.xml:692
+msgid "Default: 300"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:694
+msgid "PAM configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:696
+msgid ""
+"These options can be used to configure the Pluggable Authentication Module "
+"(PAM) service."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:701
+msgid "offline_credentials_expiration (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:704
+msgid ""
+"If the authentication provider is offline, how long should we allow cached "
+"logins (in days since the last successful online login)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:709 sssd.conf.5.xml:722
+msgid "Default: 0 (No limit)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:715
+msgid "offline_failed_login_attempts (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:718
+msgid ""
+"If the authentication provider is offline, how many failed login attempts "
+"are allowed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:728
+msgid "offline_failed_login_delay (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:731
+msgid ""
+"The time in minutes which has to pass after offline_failed_login_attempts "
+"has been reached before a new login attempt is possible."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:736
+msgid ""
+"If set to 0 the user cannot authenticate offline if "
+"offline_failed_login_attempts has been reached. Only a successful online "
+"authentication can enable offline authentication again."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:742 sssd.conf.5.xml:795
+msgid "Default: 5"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:748
+msgid "pam_verbosity (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:751
+msgid ""
+"Controls what kind of messages are shown to the user during authentication. "
+"The higher the number to more messages are displayed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:756
+msgid "Currently sssd supports the following values:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:759
+msgid "<emphasis>0</emphasis>: do not show any message"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:762
+msgid "<emphasis>1</emphasis>: show only important messages"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:766
+msgid "<emphasis>2</emphasis>: show informational messages"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:769
+msgid "<emphasis>3</emphasis>: show all messages and debug information"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:773 sssd.8.xml:63
+msgid "Default: 1"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:778
+msgid "pam_id_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:781
+msgid ""
+"For any PAM request while SSSD is online, the SSSD will attempt to "
+"immediately update the cached identity information for the user in order to "
+"ensure that authentication takes place with the latest information."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:787
+msgid ""
+"A complete PAM conversation may perform multiple PAM requests, such as "
+"account management and session opening. This option controls (on a per-"
+"client-application basis) how long (in seconds) we can cache the identity "
+"information to avoid excessive round-trips to the identity provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:801
+msgid "pam_pwd_expiration_warning (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:804 sssd.conf.5.xml:1342
+msgid "Display a warning N days before the password expires."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:807
+msgid ""
+"Please note that the backend server has to provide information about the "
+"expiration time of the password. If this information is missing, sssd "
+"cannot display a warning."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:813 sssd.conf.5.xml:1345
+msgid ""
+"If zero is set, then this filter is not applied, i.e. if the expiration "
+"warning was received from backend server, it will automatically be displayed."
+""
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:818
+msgid ""
+"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
+"emphasis> for a particular domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:823 sssd.8.xml:79
+msgid "Default: 0"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:840
+msgid "pam_trusted_users (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:843
+msgid ""
+"Specifies the comma-separated list of UID values or user names that are "
+"allowed to access the PAM responder. User names are resolved to UIDs at "
+"startup."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:849
+msgid "Default: all (All users are allowed to access the PAM responder)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:853
+msgid ""
+"Please note that UID 0 is always allowed to access the PAM responder even in "
+"case it is not in the pam_trusted_users list."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:858
+msgid ""
+"Also please note that if there is a user name in pam_trusted_users list "
+"which fails to be resolved it will cause that SSSD will not be started."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:865
+msgid "pam_public_domains (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:868
+msgid ""
+"Specifies the comma-separated list of domain names that are accessible even "
+"to untrusted users."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:872
+msgid "Two special values for pam_public_domains option are defined:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:876
+msgid ""
+"all (Untrusted users are allowed to access all domains in PAM responder.)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:880
+msgid ""
+"none (Untrusted users are not allowed to access any domains PAM in responder."
+")"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:884 sssd.conf.5.xml:1144 sssd-ldap.5.xml:1725
+msgid "Default: none"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:893
+msgid "SUDO configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:895
+msgid ""
+"These options can be used to configure the sudo service. The detailed "
+"instructions for configuration of <citerefentry> <refentrytitle>sudo</"
+"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to work with "
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry> are in the manual page <citerefentry> <refentrytitle>sssd-"
+"sudo</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:912
+msgid "sudo_timed (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:915
+msgid ""
+"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
+"that implement time-dependent sudoers entries."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:928
+msgid "AUTOFS configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:930
+msgid "These options can be used to configure the autofs service."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:934
+msgid "autofs_negative_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:937
+msgid ""
+"Specifies for how many seconds should the autofs responder negative cache "
+"hits (that is, queries for invalid map entries, like nonexistent ones) "
+"before asking the back end again."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:953
+msgid "SSH configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:955
+msgid "These options can be used to configure the SSH service."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:959
+msgid "ssh_hash_known_hosts (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:962
+msgid ""
+"Whether or not to hash host names and addresses in the managed known_hosts "
+"file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:971
+msgid "ssh_known_hosts_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:974
+msgid ""
+"How many seconds to keep a host in the managed known_hosts file after its "
+"host keys were requested."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:978
+msgid "Default: 180"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:986
+msgid "PAC responder configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:988
+msgid ""
+"The PAC responder works together with the authorization data plugin for MIT "
+"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
+"PAC data during a GSSAPI authentication to the PAC responder. The sub-domain "
+"provider collects domain SID and ID ranges of the domain the client is "
+"joined to and of remote trusted domains from the local domain controller. "
+"If the PAC is decoded and evaluated some of the following operations are "
+"done:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
+#: sssd.conf.5.xml:997
+msgid ""
+"If the remote user does not exist in the cache, it is created. The uid is "
+"determined with the help of the SID, trusted domains will have UPGs and the "
+"gid will have the same value as the uid. The home directory is set based on "
+"the subdomain_homedir parameter. The shell will be empty by default, i.e. "
+"the system defaults are used, but can be overwritten with the default_shell "
+"parameter."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
+#: sssd.conf.5.xml:1005
+msgid ""
+"If there are SIDs of groups from domains sssd knows about, the user will be "
+"added to those groups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:1011
+msgid "These options can be used to configure the PAC responder."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1015 sssd-ifp.5.xml:50
+msgid "allowed_uids (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1018
+msgid ""
+"Specifies the comma-separated list of UID values or user names that are "
+"allowed to access the PAC responder. User names are resolved to UIDs at "
+"startup."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1024
+msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1028
+msgid ""
+"Please note that although the UID 0 is used as the default it will be "
+"overwritten with this option. If you still want to allow the root user to "
+"access the PAC responder, which would be the typical case, you have to add 0 "
+"to the list of allowed UIDs as well."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:1042
+msgid "DOMAIN SECTIONS"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1049
+msgid "min_id,max_id (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1052
+msgid ""
+"UID and GID limits for the domain. If a domain contains an entry that is "
+"outside these limits, it is ignored."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1057
+msgid ""
+"For users, this affects the primary GID limit. The user will not be returned "
+"to NSS if either the UID or the primary GID is outside the range. For non-"
+"primary group memberships, those that are in range will be reported as "
+"expected."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1064
+msgid ""
+"These ID limits affect even saving entries to cache, not only returning them "
+"by name or ID."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1068
+msgid "Default: 1 for min_id, 0 (no limit) for max_id"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1074
+msgid "enumerate (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1077
+msgid ""
+"Determines if a domain can be enumerated. This parameter can have one of the "
+"following values:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1081
+msgid "TRUE = Users and groups are enumerated"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1084
+msgid "FALSE = No enumerations for this domain"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1087 sssd.conf.5.xml:1319 sssd.conf.5.xml:1428 sssd.conf.5.xml:1445
+msgid "Default: FALSE"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1090
+msgid ""
+"Note: Enabling enumeration has a moderate performance impact on SSSD while "
+"enumeration is running. It may take up to several minutes after SSSD startup "
+"to fully complete enumerations. During this time, individual requests for "
+"information will go directly to LDAP, though it may be slow, due to the "
+"heavy enumeration processing. Saving a large number of entries to cache "
+"after the enumeration completes might also be CPU intensive as the "
+"memberships have to be recomputed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1103
+msgid ""
+"While the first enumeration is running, requests for the complete user or "
+"group lists may return no results until it completes."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1108
+msgid ""
+"Further, enabling enumeration may increase the time necessary to detect "
+"network disconnection, as longer timeouts are required to ensure that "
+"enumeration lookups are completed successfully. For more information, refer "
+"to the man pages for the specific id_provider in use."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1116
+msgid ""
+"For the reasons cited above, enabling enumeration is not recommended, "
+"especially in large environments."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1124
+msgid "subdomain_enumerate (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1131
+msgid "all"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1132
+msgid "All discovered trusted domains will be enumerated"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1135
+msgid "none"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1136
+msgid "No discovered trusted domains will be enumerated"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1127
+msgid ""
+"Whether any of autodetected trusted domains should be enumerated. The "
+"supported values are: <placeholder type=\"variablelist\" id=\"0\"/> "
+"Optionally, a list of one or more domain names can enable enumeration just "
+"for these trusted domains."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1167
+msgid "entry_cache_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1170
+msgid ""
+"How many seconds should nss_sss consider entries valid before asking the "
+"backend again"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1174
+msgid ""
+"The cache expiration timestamps are stored as attributes of individual "
+"objects in the cache. Therefore, changing the cache timeout only has effect "
+"for newly added or expired entries. You should run the <citerefentry> "
+"<refentrytitle>sss_cache</refentrytitle> <manvolnum>8</manvolnum> </"
+"citerefentry> tool in order to force refresh of entries that have already "
+"been cached."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1187
+msgid "Default: 5400"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1193
+msgid "entry_cache_user_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1196
+msgid ""
+"How many seconds should nss_sss consider user entries valid before asking "
+"the backend again"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1200 sssd.conf.5.xml:1213 sssd.conf.5.xml:1226 sssd.conf.5.xml:1239 sssd.conf.5.xml:1252 sssd.conf.5.xml:1266 sssd.conf.5.xml:1280
+msgid "Default: entry_cache_timeout"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1206
+msgid "entry_cache_group_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1209
+msgid ""
+"How many seconds should nss_sss consider group entries valid before asking "
+"the backend again"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1219
+msgid "entry_cache_netgroup_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1222
+msgid ""
+"How many seconds should nss_sss consider netgroup entries valid before "
+"asking the backend again"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1232
+msgid "entry_cache_service_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1235
+msgid ""
+"How many seconds should nss_sss consider service entries valid before asking "
+"the backend again"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1245
+msgid "entry_cache_sudo_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1248
+msgid ""
+"How many seconds should sudo consider rules valid before asking the backend "
+"again"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1258
+msgid "entry_cache_autofs_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1261
+msgid ""
+"How many seconds should the autofs service consider automounter maps valid "
+"before asking the backend again"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1272
+msgid "entry_cache_ssh_host_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1275
+msgid ""
+"How many seconds to keep a host ssh key after refresh. IE how long to cache "
+"the host key for."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1286
+msgid "refresh_expired_interval (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1289
+msgid ""
+"Specifies how many seconds SSSD has to wait before triggering a background "
+"refresh task which will refresh all expired or nearly expired records."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1294
+msgid "Currently only refreshing expired netgroups is supported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1298
+msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1302 sssd-ipa.5.xml:221
+msgid "Default: 0 (disabled)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1308
+msgid "cache_credentials (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1311
+msgid "Determines if user credentials are also cached in the local LDB cache"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1315
+msgid "User credentials are stored in a SHA512 hash, not in plaintext"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1324
+msgid "account_cache_expiration (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1327
+msgid ""
+"Number of days entries are left in cache after last successful login before "
+"being removed during a cleanup of the cache. 0 means keep forever. The "
+"value of this parameter must be greater than or equal to "
+"offline_credentials_expiration."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1334
+msgid "Default: 0 (unlimited)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1339
+msgid "pwd_expiration_warning (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1350
+msgid ""
+"Please note that the backend server has to provide information about the "
+"expiration time of the password. If this information is missing, sssd "
+"cannot display a warning. Also an auth provider has to be configured for the "
+"backend."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1357
+msgid "Default: 7 (Kerberos), 0 (LDAP)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1363
+msgid "id_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1366
+msgid ""
+"The identification provider used for the domain. Supported ID providers are:"
+""
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1370
+msgid "<quote>proxy</quote>: Support a legacy NSS provider"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1373 sssd.conf.5.xml:1491
+msgid "<quote>local</quote>: SSSD internal provider for local users"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1377
+msgid ""
+"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
+"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
+"information on configuring LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1385 sssd.conf.5.xml:1471 sssd.conf.5.xml:1526 sssd.conf.5.xml:1579
+msgid ""
+"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
+"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring "
+"FreeIPA."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1394 sssd.conf.5.xml:1480 sssd.conf.5.xml:1535 sssd.conf.5.xml:1588
+msgid ""
+"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
+"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> for more information on configuring Active Directory."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1405
+msgid "use_fully_qualified_names (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1408
+msgid ""
+"Use the full name and domain (as formatted by the domain's full_name_format) "
+"as the user's login name reported to NSS."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1413
+msgid ""
+"If set to TRUE, all requests to this domain must use fully qualified names. "
+"For example, if used in LOCAL domain that contains a \"test\" user, "
+"<command>getent passwd test</command> wouldn't find the user while "
+"<command>getent passwd test@LOCAL</command> would."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1421
+msgid ""
+"NOTE: This option has no effect on netgroup lookups due to their tendency to "
+"include nested netgroups without qualified names. For netgroups, all domains "
+"will be searched when an unqualified name is requested."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1433
+msgid "ignore_group_members (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1436
+msgid "Do not return group members for group lookups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1439
+msgid ""
+"If set to TRUE, the group membership attribute is not requested from the "
+"ldap server, and group members are not returned when processing group lookup "
+"calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1450
+msgid "auth_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1453
+msgid ""
+"The authentication provider used for the domain. Supported auth providers "
+"are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1457 sssd.conf.5.xml:1519
+msgid ""
+"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> for more information on configuring LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1464
+msgid ""
+"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
+"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> for more information on configuring Kerberos."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1488
+msgid ""
+"<quote>proxy</quote> for relaying authentication to some other PAM target."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1495
+msgid "<quote>none</quote> disables authentication explicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1498
+msgid ""
+"Default: <quote>id_provider</quote> is used if it is set and can handle "
+"authentication requests."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1504
+msgid "access_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1507
+msgid ""
+"The access control provider used for the domain. There are two built-in "
+"access providers (in addition to any included in installed backends) "
+"Internal special providers are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1513
+msgid ""
+"<quote>permit</quote> always allow access. It's the only permitted access "
+"provider for a local domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1516
+msgid "<quote>deny</quote> always deny access."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1543
+msgid ""
+"<quote>simple</quote> access control based on access or deny lists. See "
+"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry> for more information on configuring the simple "
+"access module."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1550
+msgid "Default: <quote>permit</quote>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1555
+msgid "chpass_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1558
+msgid ""
+"The provider which should handle change password operations for the domain. "
+"Supported change password providers are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1563
+msgid ""
+"<quote>ldap</quote> to change a password stored in a LDAP server. See "
+"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> for more information on configuring LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1571
+msgid ""
+"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
+"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> for more information on configuring Kerberos."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1596
+msgid ""
+"<quote>proxy</quote> for relaying password changes to some other PAM target."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1600
+msgid "<quote>none</quote> disallows password changes explicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1603
+msgid ""
+"Default: <quote>auth_provider</quote> is used if it is set and can handle "
+"change password requests."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1610
+msgid "sudo_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1613
+msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1617
+msgid ""
+"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> for more information on configuring LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1625
+msgid ""
+"<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default "
+"settings."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1629
+msgid ""
+"<quote>ad</quote> the same as <quote>ldap</quote> but with AD default "
+"settings."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1633
+msgid "<quote>none</quote> disables SUDO explicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1636 sssd.conf.5.xml:1714 sssd.conf.5.xml:1746 sssd.conf.5.xml:1771
+msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1640
+msgid ""
+"The detailed instructions for configuration of sudo_provider are in the "
+"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry>. There are many configuration "
+"options that can be used to adjust the behavior. Please refer to "
+"\"ldap_sudo_*\" in <citerefentry> <refentrytitle>sssd-ldap</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1657
+msgid "selinux_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1660
+msgid ""
+"The provider which should handle loading of selinux settings. Note that this "
+"provider will be called right after access provider ends. Supported selinux "
+"providers are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1666
+msgid ""
+"<quote>ipa</quote> to load selinux settings from an IPA server. See "
+"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> for more information on configuring IPA."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1674
+msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1677
+msgid ""
+"Default: <quote>id_provider</quote> is used if it is set and can handle "
+"selinux loading requests."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1683
+msgid "subdomains_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1686
+msgid ""
+"The provider which should handle fetching of subdomains. This value should "
+"be always the same as id_provider. Supported subdomain providers are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1692
+msgid ""
+"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
+"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> for more information on configuring IPA."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1701
+msgid ""
+"<quote>ad</quote> to load a list of subdomains from an Active Directory "
+"server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring "
+"the AD provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1710
+msgid "<quote>none</quote> disallows fetching subdomains explicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1721
+msgid "autofs_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1724
+msgid ""
+"The autofs provider used for the domain. Supported autofs providers are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1728
+msgid ""
+"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> for more information on configuring LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1735
+msgid ""
+"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
+"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> for more information on configuring IPA."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1743
+msgid "<quote>none</quote> disables autofs explicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1753
+msgid "hostid_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1756
+msgid ""
+"The provider used for retrieving host identity information. Supported "
+"hostid providers are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1760
+msgid ""
+"<quote>ipa</quote> to load host identity stored in an IPA server. See "
+"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> for more information on configuring IPA."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1768
+msgid "<quote>none</quote> disables hostid explicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1781
+msgid ""
+"Regular expression for this domain that describes how to parse the string "
+"containing user name and domain into these components. The \"domain\" can "
+"match either the SSSD configuration domain name, or, in the case of IPA "
+"trust subdomains and Active Directory domains, the flat (NetBIOS) name of "
+"the domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1790
+msgid ""
+"Default for the AD and IPA provider: "
+"<quote>(((?P&lt;domain&gt;[^\\\\]+)\\\\(?P&lt;name&gt;."
+"+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;."
+"+$))|(^(?P&lt;name&gt;[^@\\\\]+)$))</quote> which allows three different "
+"styles for user names:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd.conf.5.xml:1795
+msgid "username"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd.conf.5.xml:1798
+msgid "username@domain.name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd.conf.5.xml:1801
+msgid "domain\\username"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1804
+msgid ""
+"While the first two correspond to the general default the third one is "
+"introduced to allow easy integration of users from Windows domains."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1809
+msgid ""
+"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
+"which translates to \"the name is everything up to the <quote>@</quote> "
+"sign, the domain everything after that\""
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1815
+msgid ""
+"PLEASE NOTE: the support for non-unique named subpatterns is not available "
+"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
+"version 7 or higher can support non-unique named subpatterns."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1822
+msgid ""
+"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax "
+"(?P&lt;name&gt;) to label subpatterns."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1869
+msgid "Default: <quote>%1$s@%2$s</quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1875
+msgid "lookup_family_order (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1878
+msgid ""
+"Provides the ability to select preferred address family to use when "
+"performing DNS lookups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1882
+msgid "Supported values:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1885
+msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1888
+msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1891
+msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1894
+msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1897
+msgid "Default: ipv4_first"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1903
+msgid "dns_resolver_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1906
+msgid ""
+"Defines the amount of time (in seconds) to wait for a reply from the DNS "
+"resolver before assuming that it is unreachable. If this timeout is reached, "
+"the domain will continue to operate in offline mode."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1912 sssd-ldap.5.xml:1156 sssd-ldap.5.xml:1198 sssd-ldap.5.xml:1213 sssd-krb5.5.xml:239
+msgid "Default: 6"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1918
+msgid "dns_discovery_domain (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1921
+msgid ""
+"If service discovery is used in the back end, specifies the domain part of "
+"the service discovery DNS query."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1925
+msgid "Default: Use the domain part of machine's hostname"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1931
+msgid "override_gid (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1934
+msgid "Override the primary GID value with the one specified."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1940
+msgid "case_sensitive (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1948
+msgid "True"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1951
+msgid "Case sensitive. This value is invalid for AD provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1957
+msgid "False"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1959
+msgid "Case insensitive."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1963
+msgid "Preserving"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1966
+msgid ""
+"Same as False (case insensitive), but does not lowercase names in the output "
+"of getpwnam and getgrnam."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1943
+msgid ""
+"Treat user and group names as case sensitive. At the moment, this option is "
+"not supported in the local provider. Possible option values are: "
+"<placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1975
+msgid "Default: True (False for AD provider)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1981
+msgid "proxy_fast_alias (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1984
+msgid ""
+"When a user or group is looked up by name in the proxy provider, a second "
+"lookup by ID is performed to \"canonicalize\" the name in case the requested "
+"name was an alias. Setting this option to true would cause the SSSD to "
+"perform the ID lookup from cache for performance reasons."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1998
+msgid "subdomain_homedir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:2009
+msgid "%F"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:2010
+msgid "flat (NetBIOS) name of a subdomain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:2001
+msgid ""
+"Use this homedir as default value for all subdomains within this domain in "
+"IPA AD trust. See <emphasis>override_homedir</emphasis> for info about "
+"possible values. In addition to those, the expansion below can only be used "
+"with <emphasis>subdomain_homedir</emphasis>. <placeholder type="
+"\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:2015
+msgid ""
+"The value can be overridden by <emphasis>override_homedir</emphasis> option."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:2019
+msgid "Default: <filename>/home/%d/%u</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:2024
+msgid "realmd_tags (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:2027
+msgid ""
+"Various tags stored by the realmd configuration service for this domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:1044
+msgid ""
+"These configuration options can be present in a domain configuration "
+"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
+"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:2040
+msgid "proxy_pam_target (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:2043
+msgid "The proxy target PAM proxies to."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:2046
+msgid ""
+"Default: not set by default, you have to take an existing pam configuration "
+"or create a new one and add the service name here."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:2054
+msgid "proxy_lib_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:2057
+msgid ""
+"The name of the NSS library to use in proxy domains. The NSS functions "
+"searched for in the library are in the form of _nss_$(libName)_$(function), "
+"for example _nss_files_getpwent."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:2036
+msgid ""
+"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
+"\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:2069
+msgid "The local domain section"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:2071
+msgid ""
+"This section contains settings for domain that stores users and groups in "
+"SSSD native database, that is, a domain that uses <replaceable>id_provider="
+"local</replaceable>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:2078
+msgid "default_shell (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:2081
+msgid "The default shell for users created with SSSD userspace tools."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:2085
+msgid "Default: <filename>/bin/bash</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:2090
+msgid "base_directory (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:2093
+msgid ""
+"The tools append the login name to <replaceable>base_directory</replaceable> "
+"and use that as the home directory."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:2098
+msgid "Default: <filename>/home</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:2103
+msgid "create_homedir (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:2106
+msgid ""
+"Indicate if a home directory should be created by default for new users. "
+"Can be overridden on command line."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:2110 sssd.conf.5.xml:2122
+msgid "Default: TRUE"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:2115
+msgid "remove_homedir (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:2118
+msgid ""
+"Indicate if a home directory should be removed by default for deleted users. "
+" Can be overridden on command line."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:2127
+msgid "homedir_umask (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:2130
+msgid ""
+"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
+"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
+"on a newly created home directory."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:2138
+msgid "Default: 077"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:2143
+msgid "skel_dir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:2146
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in "
+"the user's home directory, when the home directory is created by "
+"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</"
+"manvolnum> </citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:2156
+msgid "Default: <filename>/etc/skel</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:2161
+msgid "mail_dir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:2164
+msgid ""
+"The mail spool directory. This is needed to manipulate the mailbox when its "
+"corresponding user account is modified or deleted. If not specified, a "
+"default value is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:2171
+msgid "Default: <filename>/var/mail</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:2176
+msgid "userdel_cmd (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:2179
+msgid ""
+"The command that is run after a user is removed. The command us passed the "
+"username of the user being removed as the first and only parameter. The "
+"return code of the command is not taken into account."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:2185
+msgid "Default: None, no command is run"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:2195 sssd-ldap.5.xml:2476 sssd-simple.5.xml:131 sssd-ipa.5.xml:694 sssd-ad.5.xml:792 sssd-krb5.5.xml:519 sss_rpcidmapd.5.xml:98
+msgid "EXAMPLE"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd.conf.5.xml:2201
+#, no-wrap
+msgid ""
+"[sssd]\n"
+"domains = LDAP\n"
+"services = nss, pam\n"
+"config_file_version = 2\n"
+"\n"
+"[nss]\n"
+"filter_groups = root\n"
+"filter_users = root\n"
+"\n"
+"[pam]\n"
+"\n"
+"[domain/LDAP]\n"
+"id_provider = ldap\n"
+"ldap_uri = ldap://ldap.example.com\n"
+"ldap_search_base = dc=example,dc=com\n"
+"\n"
+"auth_provider = krb5\n"
+"krb5_server = kerberos.example.com\n"
+"krb5_realm = EXAMPLE.COM\n"
+"cache_credentials = true\n"
+"\n"
+"min_id = 10000\n"
+"max_id = 20000\n"
+"enumerate = False\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:2197
+msgid ""
+"The following example shows a typical SSSD config. It does not describe "
+"configuration of the domains themselves - refer to documentation on "
+"configuring domains for more details. <placeholder type=\"programlisting\" "
+"id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16
+msgid "sssd-ldap"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-ldap.5.xml:17
+msgid "SSSD LDAP provider"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:23
+msgid ""
+"This manual page describes the configuration of LDAP domains for "
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the "
+"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> manual page for detailed syntax information."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:35
+msgid "You can configure SSSD to use more than one LDAP domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:38
+msgid ""
+"LDAP back end supports id, auth, access and chpass providers. If you want to "
+"authenticate against an LDAP server either TLS/SSL or LDAPS is required. "
+"<command>sssd</command> <emphasis>does not</emphasis> support authentication "
+"over an unencrypted channel. If the LDAP server is used only as an identity "
+"provider, an encrypted channel is not needed. Please refer to "
+"<quote>ldap_access_filter</quote> config option for more information about "
+"using LDAP as an access provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:88 sssd-krb5.5.xml:63 sssd-ifp.5.xml:44
+msgid "CONFIGURATION OPTIONS"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:60
+msgid "ldap_uri, ldap_backup_uri (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:63
+msgid ""
+"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD "
+"should connect in the order of preference. Refer to the <quote>FAILOVER</"
+"quote> section for more information on failover and server redundancy. If "
+"neither option is specified, service discovery is enabled. For more "
+"information, refer to the <quote>SERVICE DISCOVERY</quote> section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:70
+msgid "The format of the URI must match the format defined in RFC 2732:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:73
+msgid "ldap[s]://&lt;host&gt;[:port]"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:76
+msgid ""
+"For explicit IPv6 addresses, &lt;host&gt; must be enclosed in brackets []"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:79
+msgid "example: ldap://[fc00::126:25]:389"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:85
+msgid "ldap_chpass_uri, ldap_chpass_backup_uri (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:88
+msgid ""
+"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD "
+"should connect in the order of preference to change the password of a user. "
+"Refer to the <quote>FAILOVER</quote> section for more information on "
+"failover and server redundancy."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:95
+msgid "To enable service discovery ldap_chpass_dns_service_name must be set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:99
+msgid "Default: empty, i.e. ldap_uri is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:105
+msgid "ldap_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:108
+msgid "The default base DN to use for performing LDAP user operations."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:112
+msgid ""
+"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the "
+"syntax:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:116
+msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:119
+msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: sssd-ldap.5.xml:122 include/ldap_search_bases.xml:18
+msgid ""
+"The filter must be a valid LDAP search filter as specified by http://www."
+"ietf.org/rfc/rfc2254.txt"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:632 sssd-ad.5.xml:212
+msgid "Examples:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:129
+msgid ""
+"ldap_search_base = dc=example,dc=com (which is equivalent to) "
+"ldap_search_base = dc=example,dc=com?subtree?"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:134
+msgid ""
+"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?(host="
+"thishost)?dc=example.com?subtree?"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:137
+msgid ""
+"Note: It is unsupported to have multiple search bases which reference "
+"identically-named objects (for example, groups with the same name in two "
+"different search bases). This will lead to unpredictable behavior on client "
+"machines."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:144
+msgid ""
+"Default: If not set, the value of the defaultNamingContext or namingContexts "
+"attribute from the RootDSE of the LDAP server is used. If "
+"defaultNamingContext does not exist or has an empty value namingContexts is "
+"used. The namingContexts attribute must have a single value with the DN of "
+"the search base of the LDAP server to make this work. Multiple values are "
+"are not supported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:158
+msgid "ldap_schema (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:161
+msgid ""
+"Specifies the Schema Type in use on the target LDAP server. Depending on "
+"the selected schema, the default attribute names retrieved from the servers "
+"may vary. The way that some attributes are handled may also differ."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:168
+msgid "Four schema types are currently supported:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ldap.5.xml:172
+msgid "rfc2307"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ldap.5.xml:177
+msgid "rfc2307bis"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ldap.5.xml:182
+msgid "IPA"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ldap.5.xml:187
+msgid "AD"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:193
+msgid ""
+"The main difference between these schema types is how group memberships are "
+"recorded in the server. With rfc2307, group members are listed by name in "
+"the <emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, "
+"group members are listed by DN and stored in the <emphasis>member</emphasis> "
+"attribute. The AD schema type sets the attributes to correspond with Active "
+"Directory 2008r2 values."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:203
+msgid "Default: rfc2307"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:209
+msgid "ldap_default_bind_dn (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:212
+msgid "The default bind DN to use for performing LDAP operations."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:219
+msgid "ldap_default_authtok_type (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:222
+msgid "The type of the authentication token of the default bind DN."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:226
+msgid "The two mechanisms currently supported are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:229
+msgid "password"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:232
+msgid "obfuscated_password"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:235
+msgid "Default: password"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:241
+msgid "ldap_default_authtok (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:244
+msgid ""
+"The authentication token of the default bind DN. Only clear text passwords "
+"are currently supported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:251
+msgid "ldap_user_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:254
+msgid "The object class of a user entry in LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:257
+msgid "Default: posixAccount"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:263
+msgid "ldap_user_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:266
+msgid "The LDAP attribute that corresponds to the user's login name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:270
+msgid "Default: uid"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:276
+msgid "ldap_user_uid_number (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:279
+msgid "The LDAP attribute that corresponds to the user's id."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:283
+msgid "Default: uidNumber"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:289
+msgid "ldap_user_gid_number (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:292
+msgid "The LDAP attribute that corresponds to the user's primary group id."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:830
+msgid "Default: gidNumber"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:302
+msgid "ldap_user_gecos (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:305
+msgid "The LDAP attribute that corresponds to the user's gecos field."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:309
+msgid "Default: gecos"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:315
+msgid "ldap_user_home_directory (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:318
+msgid ""
+"The LDAP attribute that contains the name of the user's home directory."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:322
+msgid "Default: homeDirectory"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:328
+msgid "ldap_user_shell (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:331
+msgid "The LDAP attribute that contains the path to the user's default shell."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:335
+msgid "Default: loginShell"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:341
+msgid "ldap_user_objectsid (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:344
+msgid ""
+"The LDAP attribute that contains the objectSID of an LDAP user object. This "
+"is usually only necessary for ActiveDirectory servers."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:349 sssd-ldap.5.xml:857
+msgid "Default: ipaNTSecurityIdentifier for IPA, objectSID for other servers."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:356
+msgid "ldap_user_modify_timestamp (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:359 sssd-ldap.5.xml:867 sssd-ldap.5.xml:1072
+msgid ""
+"The LDAP attribute that contains timestamp of the last modification of the "
+"parent object."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:363 sssd-ldap.5.xml:871 sssd-ldap.5.xml:1079
+msgid "Default: modifyTimestamp"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:369
+msgid "ldap_user_shadow_last_change (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:372
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of "
+"the last password change)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:382
+msgid "Default: shadowLastChange"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:388
+msgid "ldap_user_shadow_min (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:391
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum "
+"password age)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:400
+msgid "Default: shadowMin"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:406
+msgid "ldap_user_shadow_max (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:409
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum "
+"password age)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:418
+msgid "Default: shadowMax"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:424
+msgid "ldap_user_shadow_warning (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:427
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart "
+"(password warning period)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:437
+msgid "Default: shadowWarning"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:443
+msgid "ldap_user_shadow_inactive (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:446
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart "
+"(password inactivity period)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:456
+msgid "Default: shadowInactive"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:462
+msgid "ldap_user_shadow_expire (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:465
+msgid ""
+"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this "
+"parameter contains the name of an LDAP attribute corresponding to its "
+"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> counterpart (account expiration date)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:475
+msgid "Default: shadowExpire"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:481
+msgid "ldap_user_krb_last_pwd_change (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:484
+msgid ""
+"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of "
+"an LDAP attribute storing the date and time of last password change in "
+"kerberos."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:490
+msgid "Default: krbLastPwdChange"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:496
+msgid "ldap_user_krb_password_expiration (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:499
+msgid ""
+"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of "
+"an LDAP attribute storing the date and time when current password expires."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:505
+msgid "Default: krbPasswordExpiration"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:511
+msgid "ldap_user_ad_account_expires (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:514
+msgid ""
+"When using ldap_account_expire_policy=ad, this parameter contains the name "
+"of an LDAP attribute storing the expiration time of the account."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:519
+msgid "Default: accountExpires"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:525
+msgid "ldap_user_ad_user_account_control (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:528
+msgid ""
+"When using ldap_account_expire_policy=ad, this parameter contains the name "
+"of an LDAP attribute storing the user account control bit field."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:533
+msgid "Default: userAccountControl"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:539
+msgid "ldap_ns_account_lock (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:542
+msgid ""
+"When using ldap_account_expire_policy=rhds or equivalent, this parameter "
+"determines if access is allowed or not."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:547
+msgid "Default: nsAccountLock"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:553
+msgid "ldap_user_nds_login_disabled (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:556
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines if "
+"access is allowed or not."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:560 sssd-ldap.5.xml:574
+msgid "Default: loginDisabled"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:566
+msgid "ldap_user_nds_login_expiration_time (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:569
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines until "
+"which date access is granted."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:580
+msgid "ldap_user_nds_login_allowed_time_map (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:583
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines the "
+"hours of a day in a week when access is granted."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:588
+msgid "Default: loginAllowedTimeMap"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:594
+msgid "ldap_user_principal (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:597
+msgid ""
+"The LDAP attribute that contains the user's Kerberos User Principal Name "
+"(UPN)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:601
+msgid "Default: krbPrincipalName"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:607
+msgid "ldap_user_extra_attrs (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:610
+msgid ""
+"Comma-separated list of LDAP attributes that SSSD would fetch along with the "
+"usual set of user attributes."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:615
+msgid ""
+"The list can either contain LDAP attribute names only, or colon-separated "
+"tuples of SSSD cache attribute name and LDAP attribute name. In case only "
+"LDAP attribute name is specified, the attribute is saved to the cache "
+"verbatim. Using a custom SSSD attribute name might be required by "
+"environments that configure several SSSD domains with different LDAP schemas."
+""
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:625
+msgid ""
+"Please note that several attribute names are reserved by SSSD, notably the "
+"<quote>name</quote> attribute. SSSD would report an error if any of the "
+"reserved attribute names is used as an extra attribute name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:635
+msgid "ldap_user_extra_attrs = telephoneNumber"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:638
+msgid ""
+"Save the <quote>telephoneNumber</quote> attribute from LDAP as "
+"<quote>telephoneNumber</quote> to the cache."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:642
+msgid "ldap_user_extra_attrs = phone:telephoneNumber"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:645
+msgid ""
+"Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</"
+"quote> to the cache."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:655
+msgid "ldap_user_ssh_public_key (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:658
+msgid "The LDAP attribute that contains the user's SSH public keys."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:662
+msgid "Default: sshPublicKey"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:668
+msgid "ldap_force_upper_case_realm (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:671
+msgid ""
+"Some directory servers, for example Active Directory, might deliver the "
+"realm part of the UPN in lower case, which might cause the authentication to "
+"fail. Set this option to a non-zero value if you want to use an upper-case "
+"realm."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:684
+msgid "ldap_enumeration_refresh_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:687
+msgid ""
+"Specifies how many seconds SSSD has to wait before refreshing its cache of "
+"enumerated records."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:698
+msgid "ldap_purge_cache_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:701
+msgid ""
+"Determine how often to check the cache for inactive entries (such as groups "
+"with no members and users who have never logged in) and remove them to save "
+"space."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:707
+msgid "Setting this option to zero will disable the cache cleanup operation."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:711
+msgid "Default: 10800 (3 hours)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:717
+msgid "ldap_user_fullname (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:720
+msgid "The LDAP attribute that corresponds to the user's full name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:724 sssd-ldap.5.xml:817 sssd-ldap.5.xml:1030 sssd-ldap.5.xml:1104 sssd-ldap.5.xml:2071 sssd-ldap.5.xml:2410 sssd-ipa.5.xml:570
+msgid "Default: cn"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:730
+msgid "ldap_user_member_of (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:733
+msgid "The LDAP attribute that lists the user's group memberships."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:737
+msgid "Default: memberOf"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:743
+msgid "ldap_user_authorized_service (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:746
+msgid ""
+"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will "
+"use the presence of the authorizedService attribute in the user's LDAP entry "
+"to determine access privilege."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:753
+msgid ""
+"An explicit deny (!svc) is resolved first. Second, SSSD searches for "
+"explicit allow (svc) and finally for allow_all (*)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:758
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>authorized_service</quote> in order for the "
+"ldap_user_authorized_service option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:765
+msgid "Default: authorizedService"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:771
+msgid "ldap_user_authorized_host (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:774
+msgid ""
+"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
+"presence of the host attribute in the user's LDAP entry to determine access "
+"privilege."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:780
+msgid ""
+"An explicit deny (!host) is resolved first. Second, SSSD searches for "
+"explicit allow (host) and finally for allow_all (*)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:785
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>host</quote> in order for the "
+"ldap_user_authorized_host option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:792
+msgid "Default: host"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:798
+msgid "ldap_group_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:801
+msgid "The object class of a group entry in LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:804
+msgid "Default: posixGroup"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:810
+msgid "ldap_group_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:813
+msgid "The LDAP attribute that corresponds to the group name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:823
+msgid "ldap_group_gid_number (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:826
+msgid "The LDAP attribute that corresponds to the group's id."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:836
+msgid "ldap_group_member (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:839
+msgid "The LDAP attribute that contains the names of the group's members."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:843
+msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:849
+msgid "ldap_group_objectsid (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:852
+msgid ""
+"The LDAP attribute that contains the objectSID of an LDAP group object. This "
+"is usually only necessary for ActiveDirectory servers."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:864
+msgid "ldap_group_modify_timestamp (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:877
+msgid "ldap_group_type (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:880
+msgid ""
+"The LDAP attribute that contains an integer value indicating the type of the "
+"group and maybe other flags."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:885
+msgid ""
+"This attribute is currently only used by the AD provider to determine if a "
+"group is a domain local groups and has to be filtered out for trusted "
+"domains."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:891
+msgid "Default: groupType in the AD provider, othewise not set"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:898
+msgid "ldap_group_nesting_level (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:901
+msgid ""
+"If ldap_schema is set to a schema format that supports nested groups (e.g. "
+"RFC2307bis), then this option controls how many levels of nesting SSSD will "
+"follow. This option has no effect on the RFC2307 schema."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:908
+msgid ""
+"Note: This option specifies the guaranteed level of nested groups to be "
+"processed for any lookup. However, nested groups beyond this limit "
+"<emphasis>may be</emphasis> returned if previous lookups already resolved "
+"the deeper nesting levels. Also, subsequent lookups for other groups may "
+"enlarge the result set for original lookup if re-queried."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:917
+msgid ""
+"If ldap_group_nesting_level is set to 0 then no nested groups are processed "
+"at all. However, when connected to Active-Directory Server 2008 and later it "
+"is furthermore required to disable usage of Token-Groups by setting "
+"ldap_use_tokengroups to false."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:924
+msgid "Default: 2"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:930
+msgid "ldap_groups_use_matching_rule_in_chain"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:933
+msgid ""
+"This option tells SSSD to take advantage of an Active Directory-specific "
+"feature which may speed up group lookup operations on deployments with "
+"complex or deep nested groups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:939
+msgid ""
+"In most common cases, it is best to leave this option disabled. It generally "
+"only provides a performance increase on very complex nestings."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:944 sssd-ldap.5.xml:971
+msgid ""
+"If this option is enabled, SSSD will use it if it detects that the server "
+"supports it during initial connection. So \"True\" here essentially means "
+"\"auto-detect\"."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:950 sssd-ldap.5.xml:977
+msgid ""
+"Note: This feature is currently known to work only with Active Directory "
+"2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/"
+"windows/desktop/aa746475%28v=vs.85%29.aspx\"> MSDN(TM) documentation</ulink> "
+"for more details."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:956 sssd-ldap.5.xml:983 sssd-ldap.5.xml:1271 sssd-ldap.5.xml:1292 sssd-ldap.5.xml:1798 include/ldap_id_mapping.xml:242
+msgid "Default: False"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:962
+msgid "ldap_initgroups_use_matching_rule_in_chain"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:965
+msgid ""
+"This option tells SSSD to take advantage of an Active Directory-specific "
+"feature which might speed up initgroups operations (most notably when "
+"dealing with complex or deep nested groups)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:989
+msgid "ldap_use_tokengroups"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:992
+msgid ""
+"This options enables or disables use of Token-Groups attribute when "
+"performing initgroup for users from Active Directory Server 2008 and later."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:997 sssd-ad.5.xml:742 sss_rpcidmapd.5.xml:76
+msgid "Default: True"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1003
+msgid "ldap_netgroup_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1006
+msgid "The object class of a netgroup entry in LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1009
+msgid "In IPA provider, ipa_netgroup_object_class should be used instead."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1013
+msgid "Default: nisNetgroup"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1019
+msgid "ldap_netgroup_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1022
+msgid "The LDAP attribute that corresponds to the netgroup name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1026
+msgid "In IPA provider, ipa_netgroup_name should be used instead."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1036
+msgid "ldap_netgroup_member (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1039
+msgid "The LDAP attribute that contains the names of the netgroup's members."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1043
+msgid "In IPA provider, ipa_netgroup_member should be used instead."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1047
+msgid "Default: memberNisNetgroup"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1053
+msgid "ldap_netgroup_triple (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1056
+msgid ""
+"The LDAP attribute that contains the (host, user, domain) netgroup triples."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1076
+msgid "This option is not available in IPA provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1063
+msgid "Default: nisNetgroupTriple"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1069
+msgid "ldap_netgroup_modify_timestamp (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1085
+msgid "ldap_service_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1088
+msgid "The object class of a service entry in LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1091
+msgid "Default: ipService"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1097
+msgid "ldap_service_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1100
+msgid ""
+"The LDAP attribute that contains the name of service attributes and their "
+"aliases."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1110
+msgid "ldap_service_port (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1113
+msgid "The LDAP attribute that contains the port managed by this service."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1117
+msgid "Default: ipServicePort"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1123
+msgid "ldap_service_proto (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1126
+msgid ""
+"The LDAP attribute that contains the protocols understood by this service."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1130
+msgid "Default: ipServiceProtocol"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1136
+msgid "ldap_service_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1141
+msgid "ldap_search_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1144
+msgid ""
+"Specifies the timeout (in seconds) that ldap searches are allowed to run "
+"before they are cancelled and cached results are returned (and offline mode "
+"is entered)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1150
+msgid ""
+"Note: this option is subject to change in future versions of the SSSD. It "
+"will likely be replaced at some point by a series of timeouts for specific "
+"lookup types."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1162
+msgid "ldap_enumeration_search_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1165
+msgid ""
+"Specifies the timeout (in seconds) that ldap searches for user and group "
+"enumerations are allowed to run before they are cancelled and cached results "
+"are returned (and offline mode is entered)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1178
+msgid "ldap_network_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1181
+msgid ""
+"Specifies the timeout (in seconds) after which the <citerefentry> "
+"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
+"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</"
+"manvolnum> </citerefentry> following a <citerefentry> "
+"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </"
+"citerefentry> returns in case of no activity."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1204
+msgid "ldap_opt_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1207
+msgid ""
+"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
+"will abort if no response is received. Also controls the timeout when "
+"communicating with the KDC in case of SASL bind."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1219
+msgid "ldap_connection_expire_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1222
+msgid ""
+"Specifies a timeout (in seconds) that a connection to an LDAP server will be "
+"maintained. After this time, the connection will be re-established. If used "
+"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. "
+"the TGT lifetime) will be used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1230 sssd-ldap.5.xml:2228
+msgid "Default: 900 (15 minutes)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1236
+msgid "ldap_page_size (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1239
+msgid ""
+"Specify the number of records to retrieve from LDAP in a single request. "
+"Some LDAP servers enforce a maximum limit per-request."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1244
+msgid "Default: 1000"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1250
+msgid "ldap_disable_paging (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1253
+msgid ""
+"Disable the LDAP paging control. This option should be used if the LDAP "
+"server reports that it supports the LDAP paging control in its RootDSE but "
+"it is not enabled or does not behave properly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1259
+msgid ""
+"Example: OpenLDAP servers with the paging control module installed on the "
+"server but not enabled will report it in the RootDSE but be unable to use it."
+""
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1265
+msgid ""
+"Example: 389 DS has a bug where it can only support a one paging control at "
+"a time on a single connection. On busy clients, this can result in some "
+"requests being denied."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1277
+msgid "ldap_disable_range_retrieval (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1280
+msgid "Disable Active Directory range retrieval."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1283
+msgid ""
+"Active Directory limits the number of members to be retrieved in a single "
+"lookup using the MaxValRange policy (which defaults to 1500 members). If a "
+"group contains more members, the reply would include an AD-specific range "
+"extension. This option disables parsing of the range extension, therefore "
+"large groups will appear as having no members."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1298
+msgid "ldap_sasl_minssf (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1301
+msgid ""
+"When communicating with an LDAP server using SASL, specify the minimum "
+"security level necessary to establish the connection. The values of this "
+"option are defined by OpenLDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1307
+msgid "Default: Use the system default (usually specified by ldap.conf)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1314
+msgid "ldap_deref_threshold (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1317
+msgid ""
+"Specify the number of group members that must be missing from the internal "
+"cache in order to trigger a dereference lookup. If less members are missing, "
+"they are looked up individually."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1323
+msgid ""
+"You can turn off dereference lookups completely by setting the value to 0."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1327
+msgid ""
+"A dereference lookup is a means of fetching all group members in a single "
+"LDAP call. Different LDAP servers may implement different dereference "
+"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active "
+"Directory."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1335
+msgid ""
+"<emphasis>Note:</emphasis> If any of the search bases specifies a search "
+"filter, then the dereference lookup performance enhancement will be disabled "
+"regardless of this setting."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1348
+msgid "ldap_tls_reqcert (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1351
+msgid ""
+"Specifies what checks to perform on server certificates in a TLS session, if "
+"any. It can be specified as one of the following values:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1357
+msgid ""
+"<emphasis>never</emphasis> = The client will not request or check any server "
+"certificate."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1361
+msgid ""
+"<emphasis>allow</emphasis> = The server certificate is requested. If no "
+"certificate is provided, the session proceeds normally. If a bad certificate "
+"is provided, it will be ignored and the session proceeds normally."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1368
+msgid ""
+"<emphasis>try</emphasis> = The server certificate is requested. If no "
+"certificate is provided, the session proceeds normally. If a bad certificate "
+"is provided, the session is immediately terminated."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1374
+msgid ""
+"<emphasis>demand</emphasis> = The server certificate is requested. If no "
+"certificate is provided, or a bad certificate is provided, the session is "
+"immediately terminated."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1380
+msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1384
+msgid "Default: hard"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1390
+msgid "ldap_tls_cacert (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1393
+msgid ""
+"Specifies the file that contains certificates for all of the Certificate "
+"Authorities that <command>sssd</command> will recognize."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1398 sssd-ldap.5.xml:1416 sssd-ldap.5.xml:1457
+msgid ""
+"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
+"conf</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1405
+msgid "ldap_tls_cacertdir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1408
+msgid ""
+"Specifies the path of a directory that contains Certificate Authority "
+"certificates in separate individual files. Typically the file names need to "
+"be the hash of the certificate followed by '.0'. If available, "
+"<command>cacertdir_rehash</command> can be used to create the correct names."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1423
+msgid "ldap_tls_cert (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1426
+msgid "Specifies the file that contains the certificate for the client's key."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1436
+msgid "ldap_tls_key (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1439
+msgid "Specifies the file that contains the client's key."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1448
+msgid "ldap_tls_cipher_suite (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1451
+msgid ""
+"Specifies acceptable cipher suites. Typically this is a colon sperated list."
+" See <citerefentry><refentrytitle>ldap.conf</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry> for format."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1464
+msgid "ldap_id_use_start_tls (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1467
+msgid ""
+"Specifies that the id_provider connection must also use <systemitem class="
+"\"protocol\">tls</systemitem> to protect the channel."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1477
+msgid "ldap_id_mapping (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1480
+msgid ""
+"Specifies that SSSD should attempt to map user and group IDs from the "
+"ldap_user_objectsid and ldap_group_objectsid attributes instead of relying "
+"on ldap_user_uid_number and ldap_group_gid_number."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1486
+msgid ""
+"Currently this feature supports only ActiveDirectory objectSID mapping."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1496
+msgid "ldap_min_id, ldap_max_id (interger)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1499
+msgid ""
+"In contrast to the SID based ID mapping which is used if ldap_id_mapping is "
+"set to true the allowed ID range for ldap_user_uid_number and "
+"ldap_group_gid_number is unbound. In a setup with sub/trusted-domains this "
+"might lead to ID collisions. To avoid collisions ldap_min_id and ldap_max_id "
+"can be set to restrict the allowed range for the IDs which are read directly "
+"from the server. Sub-domains can then pick other ranges to map IDs."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1511
+msgid "Default: not set (both options are set to 0)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1517
+msgid "ldap_sasl_mech (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1520
+msgid ""
+"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
+"supported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1530
+msgid "ldap_sasl_authid (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1533
+msgid ""
+"Specify the SASL authorization id to use. When GSSAPI is used, this "
+"represents the Kerberos principal used for authentication to the directory. "
+"This option can either contain the full principal (for example host/"
+"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1541
+msgid "Default: host/hostname@REALM"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1547
+msgid "ldap_sasl_realm (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1550
+msgid ""
+"Specify the SASL realm to use. When not specified, this option defaults to "
+"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
+"well, this option is ignored."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1556
+msgid "Default: the value of krb5_realm."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1562
+msgid "ldap_sasl_canonicalize (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1565
+msgid ""
+"If set to true, the LDAP library would perform a reverse lookup to "
+"canonicalize the host name during a SASL bind."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1570
+msgid "Default: false;"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1576
+msgid "ldap_krb5_keytab (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1579
+msgid "Specify the keytab to use when using SASL/GSSAPI."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1582
+msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1588
+msgid "ldap_krb5_init_creds (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1591
+msgid ""
+"Specifies that the id_provider should init Kerberos credentials (TGT). This "
+"action is performed only if SASL is used and the mechanism selected is "
+"GSSAPI."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1603
+msgid "ldap_krb5_ticket_lifetime (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1606
+msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1610 sssd-ad.5.xml:728
+msgid "Default: 86400 (24 hours)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:74
+msgid "krb5_server, krb5_backup_server (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1619
+msgid ""
+"Specifies the comma-separated list of IP addresses or hostnames of the "
+"Kerberos servers to which SSSD should connect in the order of preference. "
+"For more information on failover and server redundancy, see the "
+"<quote>FAILOVER</quote> section. An optional port number (preceded by a "
+"colon) may be appended to the addresses or hostnames. If empty, service "
+"discovery is enabled - for more information, refer to the <quote>SERVICE "
+"DISCOVERY</quote> section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1631 sssd-krb5.5.xml:89
+msgid ""
+"When using service discovery for KDC or kpasswd servers, SSSD first searches "
+"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
+"none are found."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1636 sssd-krb5.5.xml:94
+msgid ""
+"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
+"While the legacy name is recognized for the time being, users are advised to "
+"migrate their config files to use <quote>krb5_server</quote> instead."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1645 sssd-ipa.5.xml:385 sssd-krb5.5.xml:103
+msgid "krb5_realm (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1648
+msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1651
+msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1657 sssd-ipa.5.xml:400 sssd-krb5.5.xml:453
+msgid "krb5_canonicalize (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1660
+msgid ""
+"Specifies if the host principal should be canonicalized when connecting to "
+"LDAP server. This feature is available with MIT Kerberos >= 1.7"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1672 sssd-krb5.5.xml:468
+msgid "krb5_use_kdcinfo (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1675 sssd-krb5.5.xml:471
+msgid ""
+"Specifies if the SSSD should instruct the Kerberos libraries what realm and "
+"which KDCs to use. This option is on by default, if you disable it, you need "
+"to configure the Kerberos library using the <citerefentry> "
+"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> configuration file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1686 sssd-krb5.5.xml:482
+msgid ""
+"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
+"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
+"information on the locator plugin."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1700
+msgid "ldap_pwd_policy (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1703
+msgid ""
+"Select the policy to evaluate the password expiration on the client side. "
+"The following values are allowed:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1708
+msgid ""
+"<emphasis>none</emphasis> - No evaluation on the client side. This option "
+"cannot disable server-side password policies."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1713
+msgid ""
+"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
+"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
+"evaluate if the password has expired."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1719
+msgid ""
+"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
+"to determine if the password has expired. Use chpass_provider=krb5 to update "
+"these attributes when the password is changed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1728
+msgid ""
+"<emphasis>Note</emphasis>: if a password policy is configured on server "
+"side, it always takes precedence over policy set with this option."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1736
+msgid "ldap_referrals (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1739
+msgid "Specifies whether automatic referral chasing should be enabled."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1743
+msgid ""
+"Please note that sssd only supports referral chasing when it is compiled "
+"with OpenLDAP version 2.4.13 or higher."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1748
+msgid ""
+"Chasing referrals may incur a performance penalty in environments that use "
+"them heavily, a notable example is Microsoft Active Directory. If your setup "
+"does not in fact require the use of referrals, setting this option to false "
+"might bring a noticeable performance improvement."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1762
+msgid "ldap_dns_service_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1765
+msgid "Specifies the service name to use when service discovery is enabled."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1769
+msgid "Default: ldap"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1775
+msgid "ldap_chpass_dns_service_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1778
+msgid ""
+"Specifies the service name to use to find an LDAP server which allows "
+"password changes when service discovery is enabled."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1783
+msgid "Default: not set, i.e. service discovery is disabled"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1789
+msgid "ldap_chpass_update_last_change (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1792
+msgid ""
+"Specifies whether to update the ldap_user_shadow_last_change attribute with "
+"days since the Epoch after a password change operation."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1804
+msgid "ldap_access_filter (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1807
+msgid ""
+"If using access_provider = ldap and ldap_access_order = filter (default), "
+"this option is mandatory. It specifies an LDAP search filter criteria that "
+"must be met for the user to be granted access on this host. If "
+"access_provider = ldap, ldap_access_order = filter and this option is not "
+"set, it will result in all users being denied access. Use access_provider = "
+"permit to change this default behavior. Please note that this filter is "
+"applied on the LDAP user entry only and thus filtering based on nested "
+"groups may not work (e.g. memberOf attribute on AD entries points only to "
+"direct parents). If filtering based on nested groups is required, please see "
+"<citerefentry> <refentrytitle>sssd-simple</refentrytitle><manvolnum>5</"
+"manvolnum> </citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1827
+msgid "Example:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
+#: sssd-ldap.5.xml:1830
+#, no-wrap
+msgid ""
+"access_provider = ldap\n"
+"ldap_access_filter = (employeeType=admin)\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1834
+msgid ""
+"This example means that access to this host is restricted to users whose "
+"employeeType attribute is set to \"admin\"."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1839
+msgid ""
+"Offline caching for this feature is limited to determining whether the "
+"user's last online login was granted access permission. If they were granted "
+"access during their last login, they will continue to be granted access "
+"while offline and vice-versa."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1847 sssd-ldap.5.xml:1904
+msgid "Default: Empty"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1853
+msgid "ldap_account_expire_policy (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1856
+msgid ""
+"With this option a client side evaluation of access control attributes can "
+"be enabled."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1860
+msgid ""
+"Please note that it is always recommended to use server side access control, "
+"i.e. the LDAP server should deny the bind request with a suitable error code "
+"even if the password is correct."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1867
+msgid "The following values are allowed:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1870
+msgid ""
+"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
+"determine if the account is expired."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1875
+msgid ""
+"<emphasis>ad</emphasis>: use the value of the 32bit field "
+"ldap_user_ad_user_account_control and allow access if the second bit is not "
+"set. If the attribute is missing access is granted. Also the expiration time "
+"of the account is checked."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1882
+msgid ""
+"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
+"emphasis>: use the value of ldap_ns_account_lock to check if access is "
+"allowed or not."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1888
+msgid ""
+"<emphasis>nds</emphasis>: the values of "
+"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
+"ldap_user_nds_login_expiration_time are used to check if access is allowed. "
+"If both attributes are missing access is granted."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1897
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>expire</quote> in order for the "
+"ldap_account_expire_policy option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1910
+msgid "ldap_access_order (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1913
+msgid "Comma separated list of access control options. Allowed values are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1917
+msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1920
+msgid ""
+"<emphasis>lockout</emphasis>: use account locking. If set, this option "
+"denies access in case that ldap attribute 'pwdAccountLockedTime' is present "
+"and has value of '000001010000Z'. Please see the option ldap_pwdlockout_dn."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1927
+msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1931
+msgid ""
+"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
+"to determine access"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1936
+msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1940
+msgid "Default: filter"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1943
+msgid ""
+"Please note that it is a configuration error if a value is used more than "
+"once."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1950
+msgid "ldap_pwdlockout_dn (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1953
+msgid ""
+"This option specifies the DN of password policy entry on LDAP server. Please "
+"note that absence of this option in sssd.conf in case of enabled account "
+"lockout checking will yield access denied as ppolicy attributes on LDAP "
+"server cannot be checked properly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1961
+msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1964
+msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1970
+msgid "ldap_deref (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1973
+msgid ""
+"Specifies how alias dereferencing is done when performing a search. The "
+"following options are allowed:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1978
+msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1982
+msgid ""
+"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
+"the base object, but not in locating the base object of the search."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1987
+msgid ""
+"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
+"the base object of the search."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1992
+msgid ""
+"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
+"in locating the base object of the search."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1997
+msgid ""
+"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
+"client libraries)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2005
+msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2008
+msgid ""
+"Allows to retain local users as members of an LDAP group for servers that "
+"use the RFC2307 schema."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2012
+msgid ""
+"In some environments where the RFC2307 schema is used, local users are made "
+"members of LDAP groups by adding their names to the memberUid attribute. "
+"The self-consistency of the domain is compromised when this is done, so SSSD "
+"would normally remove the \"missing\" users from the cached group "
+"memberships as soon as nsswitch tries to fetch information about the user "
+"via getpw*() or initgroups() calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2023
+msgid ""
+"This option falls back to checking if local users are referenced, and caches "
+"them so that later initgroups() calls will augment the local users with the "
+"additional LDAP groups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:51
+msgid ""
+"All of the common configuration options that apply to SSSD domains also "
+"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section "
+"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> manual page for full details. <placeholder type="
+"\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ldap.5.xml:2039
+msgid "SUDO OPTIONS"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:2041
+msgid ""
+"The detailed instructions for configuration of sudo_provider are in the "
+"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2052
+msgid "ldap_sudorule_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2055
+msgid "The object class of a sudo rule entry in LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2058
+msgid "Default: sudoRole"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2064
+msgid "ldap_sudorule_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2067
+msgid "The LDAP attribute that corresponds to the sudo rule name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2077
+msgid "ldap_sudorule_command (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2080
+msgid "The LDAP attribute that corresponds to the command name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2084
+msgid "Default: sudoCommand"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2090
+msgid "ldap_sudorule_host (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2093
+msgid ""
+"The LDAP attribute that corresponds to the host name (or host IP address, "
+"host IP network, or host netgroup)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2098
+msgid "Default: sudoHost"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2104
+msgid "ldap_sudorule_user (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2107
+msgid ""
+"The LDAP attribute that corresponds to the user name (or UID, group name or "
+"user's netgroup)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2111
+msgid "Default: sudoUser"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2117
+msgid "ldap_sudorule_option (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2120
+msgid "The LDAP attribute that corresponds to the sudo options."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2124
+msgid "Default: sudoOption"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2130
+msgid "ldap_sudorule_runasuser (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2133
+msgid ""
+"The LDAP attribute that corresponds to the user name that commands may be "
+"run as."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2137
+msgid "Default: sudoRunAsUser"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2143
+msgid "ldap_sudorule_runasgroup (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2146
+msgid ""
+"The LDAP attribute that corresponds to the group name or group GID that "
+"commands may be run as."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2150
+msgid "Default: sudoRunAsGroup"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2156
+msgid "ldap_sudorule_notbefore (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2159
+msgid ""
+"The LDAP attribute that corresponds to the start date/time for when the sudo "
+"rule is valid."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2163
+msgid "Default: sudoNotBefore"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2169
+msgid "ldap_sudorule_notafter (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2172
+msgid ""
+"The LDAP attribute that corresponds to the expiration date/time, after which "
+"the sudo rule will no longer be valid."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2177
+msgid "Default: sudoNotAfter"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2183
+msgid "ldap_sudorule_order (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2186
+msgid "The LDAP attribute that corresponds to the ordering index of the rule."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2190
+msgid "Default: sudoOrder"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2196
+msgid "ldap_sudo_full_refresh_interval (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2199
+msgid ""
+"How many seconds SSSD will wait between executing a full refresh of sudo "
+"rules (which downloads all rules that are stored on the server)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2204
+msgid ""
+"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
+"emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2209
+msgid "Default: 21600 (6 hours)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2215
+msgid "ldap_sudo_smart_refresh_interval (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2218
+msgid ""
+"How many seconds SSSD has to wait before executing a smart refresh of sudo "
+"rules (which downloads all rules that have USN higher than the highest USN "
+"of cached rules)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2224
+msgid ""
+"If USN attributes are not supported by the server, the modifyTimestamp "
+"attribute is used instead."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2234
+msgid "ldap_sudo_use_host_filter (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2237
+msgid ""
+"If true, SSSD will download only rules that are applicable to this machine "
+"(using the IPv4 or IPv6 host/network addresses and hostnames)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2248
+msgid "ldap_sudo_hostnames (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2251
+msgid ""
+"Space separated list of hostnames or fully qualified domain names that "
+"should be used to filter the rules."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2256
+msgid ""
+"If this option is empty, SSSD will try to discover the hostname and the "
+"fully qualified domain name automatically."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2261 sssd-ldap.5.xml:2284 sssd-ldap.5.xml:2302 sssd-ldap.5.xml:2320
+msgid ""
+"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
+"emphasis> then this option has no effect."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2266 sssd-ldap.5.xml:2289
+msgid "Default: not specified"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2272
+msgid "ldap_sudo_ip (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2275
+msgid ""
+"Space separated list of IPv4 or IPv6 host/network addresses that should be "
+"used to filter the rules."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2280
+msgid ""
+"If this option is empty, SSSD will try to discover the addresses "
+"automatically."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2295
+msgid "ldap_sudo_include_netgroups (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2298
+msgid ""
+"If true then SSSD will download every rule that contains a netgroup in "
+"sudoHost attribute."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2313
+msgid "ldap_sudo_include_regexp (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2316
+msgid ""
+"If true then SSSD will download every rule that contains a wildcard in "
+"sudoHost attribute."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:2332
+msgid ""
+"This manual page only describes attribute name mapping. For detailed "
+"explanation of sudo related attribute semantics, see <citerefentry> "
+"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </"
+"citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ldap.5.xml:2342
+msgid "AUTOFS OPTIONS"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:2344
+msgid ""
+"Please note that the default values correspond to the default schema which "
+"is RFC2307."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2350
+msgid "ldap_autofs_map_master_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2353
+msgid "The name of the automount master map in LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2356
+msgid "Default: auto.master"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2363
+msgid "ldap_autofs_map_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2392
+msgid "The object class of an automount map entry in LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2369 sssd-ldap.5.xml:2396
+msgid "Default: automountMap"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2376
+msgid "ldap_autofs_map_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2379
+msgid "The name of an automount map entry in LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2382
+msgid "Default: ou"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2389
+msgid "ldap_autofs_entry_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2403
+msgid "ldap_autofs_entry_key (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2406 sssd-ldap.5.xml:2420
+msgid ""
+"The key of an automount entry in LDAP. The entry usually corresponds to a "
+"mount point."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2417
+msgid "ldap_autofs_entry_value (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2424
+msgid "Default: automountInformation"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:2348
+msgid ""
+"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
+"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
+"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type="
+"\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ldap.5.xml:2434
+msgid "ADVANCED OPTIONS"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2441
+msgid "ldap_netgroup_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2446
+msgid "ldap_user_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2451
+msgid "ldap_group_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2456
+msgid "ldap_sudo_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2461
+msgid "ldap_autofs_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:2436
+msgid ""
+"These options are supported by LDAP domains, but they should be used with "
+"caution. Please include them in your configuration only if you know what you "
+"are doing. <placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:2478
+msgid ""
+"The following example assumes that SSSD is correctly configured and LDAP is "
+"set to one of the domains in the <replaceable>[domains]</replaceable> "
+"section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ldap.5.xml:2484
+#, no-wrap
+msgid ""
+" [domain/LDAP]\n"
+" id_provider = ldap\n"
+" auth_provider = ldap\n"
+" ldap_uri = ldap://ldap.mydomain.org\n"
+" ldap_search_base = dc=mydomain,dc=org\n"
+" ldap_tls_reqcert = demand\n"
+" cache_credentials = true\n"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: sssd-ldap.5.xml:2483 sssd-simple.5.xml:139 sssd-ipa.5.xml:702 sssd-ad.5.xml:800 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 include/ldap_id_mapping.xml:105
+msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ldap.5.xml:2496 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 sssd-ad.5.xml:815 sssd.8.xml:195 sss_seed.8.xml:163
+msgid "NOTES"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:2498
+msgid ""
+"The descriptions of some of the configuration options in this manual page "
+"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 "
+"distribution."
+msgstr ""
+
+#. type: Content of: <refentryinfo>
+#: pam_sss.8.xml:8 include/upstream.xml:2
+msgid ""
+"<productname>SSSD</productname> <orgname>The SSSD upstream - http://"
+"fedorahosted.org/sssd</orgname>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: pam_sss.8.xml:13 pam_sss.8.xml:18
+msgid "pam_sss"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: pam_sss.8.xml:19
+msgid "PAM module for SSSD"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: pam_sss.8.xml:24
+msgid ""
+"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</"
+"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</"
+"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</"
+"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</"
+"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </"
+"arg> <arg choice='opt'> <replaceable>ignore_unknown_user</replaceable> </"
+"arg> <arg choice='opt'> <replaceable>ignore_authinfo_unavail</replaceable> </"
+"arg> <arg choice='opt'> <replaceable>domains=X</replaceable> </arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:54
+msgid ""
+"<command>pam_sss.so</command> is the PAM interface to the System Security "
+"Services daemon (SSSD). Errors and results are logged through "
+"<command>syslog(3)</command> with the LOG_AUTHPRIV facility."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:64
+msgid "<option>quiet</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:67
+msgid "Suppress log messages for unknown users."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:72
+msgid "<option>forward_pass</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:75
+msgid ""
+"If <option>forward_pass</option> is set the entered password is put on the "
+"stack for other PAM modules to use."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:82
+msgid "<option>use_first_pass</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:85
+msgid ""
+"The argument use_first_pass forces the module to use a previous stacked "
+"modules password and will never prompt the user - if no password is "
+"available or the password is not appropriate, the user will be denied access."
+""
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:93
+msgid "<option>use_authtok</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:96
+msgid ""
+"When password changing enforce the module to set the new password to the one "
+"provided by a previously stacked password module."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:103
+msgid "<option>retry=N</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:106
+msgid ""
+"If specified the user is asked another N times for a password if "
+"authentication fails. Default is 0."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:108
+msgid ""
+"Please note that this option might not work as expected if the application "
+"calling PAM handles the user dialog on its own. A typical example is "
+"<command>sshd</command> with <option>PasswordAuthentication</option>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:117
+msgid "<option>ignore_unknown_user</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:120
+msgid ""
+"If this option is specified and the user does not exist, the PAM module will "
+"return PAM_IGNORE. This causes the PAM framework to ignore this module."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:127
+msgid "<option>ignore_authinfo_unavail</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:131
+msgid ""
+"Specifies that the PAM module should return PAM_IGNORE if it cannot contact "
+"the SSSD daemon. This causes the PAM framework to ignore this module."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:138
+msgid "<option>domains</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:142
+msgid ""
+"Allows the administrator to restrict the domains a particular PAM service is "
+"allowed to authenticate against. The format is a comma-separated list of "
+"SSSD domain names, as specified in the sssd.conf file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:148
+msgid ""
+"NOTE: Must be used in conjunction with the <quote>pam_trusted_users</quote> "
+"and <quote>pam_public_domains</quote> options. Please see the "
+"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> manual page for more information on these two PAM "
+"responder options."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: pam_sss.8.xml:164
+msgid "MODULE TYPES PROVIDED"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:165
+msgid ""
+"All module types (<option>account</option>, <option>auth</option>, "
+"<option>password</option> and <option>session</option>) are provided."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: pam_sss.8.xml:171
+msgid "FILES"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:172
+msgid ""
+"If a password reset by root fails, because the corresponding SSSD provider "
+"does not support password resets, an individual message can be displayed. "
+"This message can e.g. contain instructions about how to reset a password."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:177
+msgid ""
+"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</"
+"filename> where LOC stands for a locale string returned by <citerefentry> "
+"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </"
+"citerefentry>. If there is no matching file the content of "
+"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be "
+"the owner of the files and only root may have read and write permissions "
+"while all other users must have only read permissions."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:187
+msgid ""
+"These files are searched in the directory <filename>/etc/sssd/customize/"
+"DOMAIN_NAME/</filename>. If no matching file is present a generic message is "
+"displayed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15
+msgid "sssd_krb5_locator_plugin"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd_krb5_locator_plugin.8.xml:16
+msgid "Kerberos locator plugin"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:22
+msgid ""
+"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is "
+"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</"
+"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos "
+"libraries what Realm and which KDC to use. Typically this is done in "
+"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> which is always read by the Kerberos libraries. "
+"To simplify the configuration the Realm and the KDC can be defined in "
+"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> as described in <citerefentry> "
+"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:48
+msgid ""
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry> puts the Realm and the name or IP address of the KDC into "
+"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. "
+"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos "
+"libraries it reads and evaluates these variables and returns them to the "
+"libraries."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:63
+msgid ""
+"Not all Kerberos implementations support the use of plugins. If "
+"<command>sssd_krb5_locator_plugin</command> is not available on your system "
+"you have to edit /etc/krb5.conf to reflect your Kerberos setup."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:69
+msgid ""
+"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value "
+"debug messages will be sent to stderr."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-simple.5.xml:10 sssd-simple.5.xml:16
+msgid "sssd-simple"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-simple.5.xml:17
+msgid "the configuration file for SSSD's 'simple' access-control provider"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:24
+msgid ""
+"This manual page describes the configuration of the simple access-control "
+"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> "
+"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, "
+"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> manual page."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:38
+msgid ""
+"The simple access provider grants or denies access based on an access or "
+"deny list of user or group names. The following rules apply:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
+#: sssd-simple.5.xml:43
+msgid "If all lists are empty, access is granted"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
+#: sssd-simple.5.xml:47
+msgid ""
+"If any list is provided, the order of evaluation is allow,deny. This means "
+"that any matching deny rule will supersede any matched allow rule."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
+#: sssd-simple.5.xml:54
+msgid ""
+"If either or both \"allow\" lists are provided, all users are denied unless "
+"they appear in the list."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
+#: sssd-simple.5.xml:60
+msgid ""
+"If only \"deny\" lists are provided, all users are granted access unless "
+"they appear in the list."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-simple.5.xml:78
+msgid "simple_allow_users (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-simple.5.xml:81
+msgid "Comma separated list of users who are allowed to log in."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-simple.5.xml:88
+msgid "simple_deny_users (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-simple.5.xml:91
+msgid "Comma separated list of users who are explicitly denied access."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-simple.5.xml:97
+msgid "simple_allow_groups (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-simple.5.xml:100
+msgid ""
+"Comma separated list of groups that are allowed to log in. This applies only "
+"to groups within this SSSD domain. Local groups are not evaluated."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-simple.5.xml:108
+msgid "simple_deny_groups (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-simple.5.xml:111
+msgid ""
+"Comma separated list of groups that are explicitly denied access. This "
+"applies only to groups within this SSSD domain. Local groups are not "
+"evaluated."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:89
+msgid ""
+"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> manual page for details on the configuration of an SSSD domain."
+" <placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:120
+msgid ""
+"Specifying no values for any of the lists is equivalent to skipping it "
+"entirely. Beware of this while generating parameters for the simple provider "
+"using automated scripts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:125
+msgid ""
+"Please note that it is an configuration error if both, simple_allow_users "
+"and simple_deny_users, are defined."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:133
+msgid ""
+"The following example assumes that SSSD is correctly configured and example."
+"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
+"This examples shows only the simple access provider-specific options."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-simple.5.xml:140
+#, no-wrap
+msgid ""
+" [domain/example.com]\n"
+" access_provider = simple\n"
+" simple_allow_users = user1, user2\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:150
+msgid ""
+"The complete group membership hierarchy is resolved before the access check, "
+"thus even nested groups can be included in the access lists. Please be "
+"aware that the <quote>ldap_group_nesting_level</quote> option may impact the "
+"results and should be set to a sufficient value. (<citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> </"
+"citerefentry>) option."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16
+msgid "sssd-ipa"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-ipa.5.xml:17
+msgid "SSSD IPA provider"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:23
+msgid ""
+"This manual page describes the configuration of the IPA provider for "
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE "
+"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:36
+msgid ""
+"The IPA provider is a back end used to connect to an IPA server. (Refer to "
+"the freeipa.org web site for information about IPA servers.) This provider "
+"requires that the machine be joined to the IPA domain; configuration is "
+"almost entirely self-discovered and obtained directly from the server."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:43
+msgid ""
+"The IPA provider accepts the same options used by the <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-"
+"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication "
+"provider with some exceptions described below."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:55
+msgid ""
+"However, it is neither necessary nor recommended to set these options. IPA "
+"provider can also be used as an access and chpass provider. As an access "
+"provider it uses HBAC (host-based access control) rules. Please refer to "
+"freeipa.org for more information about HBAC. No configuration of access "
+"provider is required on the client side."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:62
+msgid ""
+"The IPA provider will use the PAC responder if the Kerberos tickets of users "
+"from trusted realms contain a PAC. To make configuration easier the PAC "
+"responder is started automatically if the IPA ID provider is configured."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:78
+msgid "ipa_domain (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:81
+msgid ""
+"Specifies the name of the IPA domain. This is optional. If not provided, "
+"the configuration domain name is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:89
+msgid "ipa_server, ipa_backup_server (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:92
+msgid ""
+"The comma-separated list of IP addresses or hostnames of the IPA servers to "
+"which SSSD should connect in the order of preference. For more information "
+"on failover and server redundancy, see the <quote>FAILOVER</quote> section. "
+"This is optional if autodiscovery is enabled. For more information on "
+"service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:105
+msgid "ipa_hostname (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:108
+msgid ""
+"Optional. May be set on machines where the hostname(5) does not reflect the "
+"fully qualified name used in the IPA domain to identify this host."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:116 sssd-ad.5.xml:665
+msgid "dyndns_update (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:119
+msgid ""
+"Optional. This option tells SSSD to automatically update the DNS server "
+"built into FreeIPA v2 with the IP address of this client. The update is "
+"secured using GSS-TSIG. The IP address of the IPA LDAP connection is used "
+"for the updates, if it is not otherwise specified by using the "
+"<quote>dyndns_iface</quote> option."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:128 sssd-ad.5.xml:679
+msgid ""
+"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
+"the default Kerberos realm must be set properly in /etc/krb5.conf"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:133
+msgid ""
+"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</"
+"emphasis> option, users should migrate to using <emphasis>dyndns_update</"
+"emphasis> in their config file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:145 sssd-ad.5.xml:690
+msgid "dyndns_ttl (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:148 sssd-ad.5.xml:693
+msgid ""
+"The TTL to apply to the client DNS record when updating it. If "
+"dyndns_update is false this has no effect. This will override the TTL "
+"serverside if set by an administrator."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:153
+msgid ""
+"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</"
+"emphasis> option, users should migrate to using <emphasis>dyndns_ttl</"
+"emphasis> in their config file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:159
+msgid "Default: 1200 (seconds)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:165 sssd-ad.5.xml:704
+msgid "dyndns_iface (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:168 sssd-ad.5.xml:707
+msgid ""
+"Optional. Applicable only when dyndns_update is true. Choose the interface "
+"whose IP address should be used for dynamic DNS updates."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:173
+msgid ""
+"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</"
+"emphasis> option, users should migrate to using <emphasis>dyndns_iface</"
+"emphasis> in their config file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:179
+msgid "Default: Use the IP address of the IPA LDAP connection"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:185
+msgid "ipa_enable_dns_sites (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:188 sssd-ad.5.xml:152
+msgid "Enables DNS sites - location based service discovery."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:192
+msgid ""
+"If true and service discovery (see Service Discovery paragraph at the bottom "
+"of the man page) is enabled, then the SSSD will first attempt location "
+"based discovery using a query that contains \"_location.hostname.example."
+"com\" and then fall back to traditional SRV discovery. If the location based "
+"discovery succeeds, the IPA servers located with the location based "
+"discovery are treated as primary servers and the IPA servers located using "
+"the traditional SRV discovery are used as back up servers"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:211 sssd-ad.5.xml:718
+msgid "dyndns_refresh_interval (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:214 sssd-ad.5.xml:721
+msgid ""
+"How often should the back end perform periodic DNS update in addition to the "
+"automatic update performed when the back end goes online. This option is "
+"optional and applicable only when dyndns_update is true."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:227 sssd-ad.5.xml:734
+msgid "dyndns_update_ptr (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:230 sssd-ad.5.xml:737
+msgid ""
+"Whether the PTR record should also be explicitly updated when updating the "
+"client's DNS records. Applicable only when dyndns_update is true."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:235
+msgid ""
+"This option should be False in most IPA deployments as the IPA server "
+"generates the PTR records automatically when forward records are changed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:241
+msgid "Default: False (disabled)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:247 sssd-ad.5.xml:748
+msgid "dyndns_force_tcp (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:250 sssd-ad.5.xml:751
+msgid ""
+"Whether the nsupdate utility should default to using TCP for communicating "
+"with the DNS server."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:254 sssd-ad.5.xml:755
+msgid "Default: False (let nsupdate choose the protocol)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:260
+msgid "ipa_hbac_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:263
+msgid ""
+"Optional. Use the given string as search base for HBAC related objects."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:267
+msgid "Default: Use base DN"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:273
+msgid "ipa_host_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:276
+msgid "Optional. Use the given string as search base for host objects."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:280 sssd-ipa.5.xml:299 sssd-ipa.5.xml:318 sssd-ipa.5.xml:337 sssd-ipa.5.xml:356
+msgid ""
+"See <quote>ldap_search_base</quote> for information about configuring "
+"multiple search bases."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: sssd-ipa.5.xml:285 sssd-ipa.5.xml:304 include/ldap_search_bases.xml:27
+msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:292
+msgid "ipa_selinux_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:295
+msgid "Optional. Use the given string as search base for SELinux user maps."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:311
+msgid "ipa_subdomains_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:314
+msgid "Optional. Use the given string as search base for trusted domains."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:323
+msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:330
+msgid "ipa_master_domain_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:333
+msgid ""
+"Optional. Use the given string as search base for master domain object."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:342
+msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:349
+msgid "ipa_views_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:352
+msgid "Optional. Use the given string as search base for views containers."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:361
+msgid ""
+"Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:368 sssd-krb5.5.xml:245
+msgid "krb5_validate (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:371
+msgid ""
+"Verify with the help of krb5_keytab that the TGT obtained has not been "
+"spoofed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:378 sssd-ad.5.xml:776
+msgid ""
+"Note that this default differs from the traditional Kerberos provider back "
+"end."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:388
+msgid ""
+"The name of the Kerberos realm. This is optional and defaults to the value "
+"of <quote>ipa_domain</quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:392
+msgid ""
+"The name of the Kerberos realm has a special meaning in IPA - it is "
+"converted into the base DN to use for performing LDAP operations."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:403
+msgid ""
+"Specifies if the host and user principal should be canonicalized when "
+"connecting to IPA LDAP and also for AS requests. This feature is available "
+"with MIT Kerberos >= 1.7"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:416 sssd-krb5.5.xml:407
+msgid "krb5_use_fast (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:410
+msgid ""
+"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
+"authentication. The following options are supported:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:424
+msgid "<emphasis>never</emphasis> use FAST."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:427
+msgid ""
+"<emphasis>try</emphasis> to use FAST. If the server does not support FAST, "
+"continue the authentication without it. This is equivalent to not setting "
+"this option at all."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:433 sssd-krb5.5.xml:424
+msgid ""
+"<emphasis>demand</emphasis> to use FAST. The authentication fails if the "
+"server does not require fast."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:438
+msgid "Default: try"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:441 sssd-krb5.5.xml:435
+msgid ""
+"NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If "
+"SSSD is used with an older version of MIT Kerberos, using this option is a "
+"configuration error."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:450
+msgid "ipa_hbac_refresh (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:453
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server. "
+"This will reduce the latency and load on the IPA server if there are many "
+"access-control requests made in a short period."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:460 sssd-ipa.5.xml:476 sssd-ad.5.xml:330
+msgid "Default: 5 (seconds)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:466
+msgid "ipa_hbac_selinux (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:469
+msgid ""
+"The amount of time between lookups of the SELinux maps against the IPA "
+"server. This will reduce the latency and load on the IPA server if there are "
+"many user login requests made in a short period."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:482
+msgid "ipa_hbac_treat_deny_as (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:485
+msgid ""
+"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
+"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
+"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The "
+"client will support two modes of operation during this transition period:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:494
+msgid ""
+"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
+"users will be denied access."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:499
+msgid ""
+"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
+"careful with this option, as it may result in opening unintended access."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:504
+msgid "Default: DENY_ALL"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:510
+msgid "ipa_server_mode (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:513
+msgid "This option should only be set by the IPA installer."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:517
+msgid ""
+"The option denotes that the SSSD is running on IPA server and should perform "
+"lookups of users and groups from trusted domains differently."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:528
+msgid "ipa_automount_location (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:531
+msgid "The automounter location this IPA client will be using"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:534
+msgid "Default: The location named \"default\""
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd-ipa.5.xml:542
+msgid "VIEWS AND OVERRIDES"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:551
+msgid "ipa_view_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:554
+msgid "Objectclass of the view container."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:557
+msgid "Default: nsContainer"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:563
+msgid "ipa_view_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:566
+msgid "Name of the attribute holding the name of the view."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:576
+msgid "ipa_overide_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:579
+msgid "Objectclass of the override objects."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:582
+msgid "Default: ipaOverrideAnchor"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:588
+msgid "ipa_anchor_uuid (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:591
+msgid ""
+"Name of the attribute containing the reference to the original object in a "
+"remote domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:595
+msgid "Default: ipaAnchorUUID"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:601
+msgid "ipa_user_override_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:604
+msgid ""
+"Name of the objectclass for user overrides. It is used to determine if the "
+"found override object is related to a user or a group."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:609
+msgid "User overrides can contain attributes given by"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ipa.5.xml:612
+msgid "ldap_user_name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ipa.5.xml:615
+msgid "ldap_user_uid_number"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ipa.5.xml:618
+msgid "ldap_user_gid_number"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ipa.5.xml:621
+msgid "ldap_user_gecos"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ipa.5.xml:624
+msgid "ldap_user_home_directory"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ipa.5.xml:627
+msgid "ldap_user_shell"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:632
+msgid "Default: ipaUserOverride"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:638
+msgid "ipa_group_override_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:641
+msgid ""
+"Name of the objectclass for group overrides. It is used to determine if the "
+"found override object is related to a user or a group."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:646
+msgid "Group overrides can contain attributes given by"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ipa.5.xml:649
+msgid "ldap_group_name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ipa.5.xml:652
+msgid "ldap_group_gid_number"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:657
+msgid "Default: ipaGroupOverride"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd-ipa.5.xml:544
+msgid ""
+"SSSD can handle views and overrides which are offered by FreeIPA 4.1 and "
+"later version. Since all paths and objectclasses are fixed on the server "
+"side there is basically no need to configure anything. For completeness the "
+"related options are listed here with their default values. <placeholder "
+"type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ipa.5.xml:667
+msgid "SUBDOMAINS PROVIDER"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:669
+msgid ""
+"The IPA subdomains provider behaves slightly differently if it is configured "
+"explicitly or implicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:673
+msgid ""
+"If the option 'subdomains_provider = ipa' is found in the domain section of "
+"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
+"subdomain requests are sent to the IPA server if necessary."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:679
+msgid ""
+"If the option 'subdomains_provider' is not set in the domain section of sssd."
+"conf but there is the option 'id_provider = ipa', the IPA subdomains "
+"provider is configured implicitly. In this case, if a subdomain request "
+"fails and indicates that the server does not support subdomains, i.e. is not "
+"configured for trusts, the IPA subdomains provider is disabled. After an "
+"hour or after the IPA provider goes online, the subdomains provider is "
+"enabled again."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:696
+msgid ""
+"The following example assumes that SSSD is correctly configured and example."
+"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
+"This examples shows only the ipa provider-specific options."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ipa.5.xml:703
+#, no-wrap
+msgid ""
+" [domain/example.com]\n"
+" id_provider = ipa\n"
+" ipa_server = ipaserver.example.com\n"
+" ipa_hostname = myhost.example.com\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-ad.5.xml:10 sssd-ad.5.xml:16
+msgid "sssd-ad"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-ad.5.xml:17
+msgid "SSSD Active Directory provider"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:23
+msgid ""
+"This manual page describes the configuration of the AD provider for "
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE "
+"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:36
+msgid ""
+"The AD provider is a back end used to connect to an Active Directory server. "
+"This provider requires that the machine be joined to the AD domain and a "
+"keytab is available."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:41
+msgid ""
+"The AD provider supports connecting to Active Directory 2008 R2 or later. "
+"Earlier versions may work, but are unsupported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:45
+msgid ""
+"The AD provider is able to provide identity information and authentication "
+"for entities from trusted domains as well. Currently only trusted domains in "
+"the same forest are recognized."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:50
+msgid ""
+"The AD provider accepts the same options used by the <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-"
+"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication "
+"provider with some exceptions described below."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:62
+msgid ""
+"However, it is neither necessary nor recommended to set these options. The "
+"AD provider can also be used as an access, chpass and sudo provider. No "
+"configuration of the access provider is required on the client side."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ad.5.xml:74
+#, no-wrap
+msgid "ldap_id_mapping = False\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:68
+msgid ""
+"By default, the AD provider will map UID and GID values from the objectSID "
+"parameter in Active Directory. For details on this, see the <quote>ID "
+"MAPPING</quote> section below. If you want to disable ID mapping and instead "
+"rely on POSIX attributes defined in Active Directory, you should set "
+"<placeholder type=\"programlisting\" id=\"0\"/> In order to retrieve users "
+"and groups using POSIX attributes from trusted domains, the AD administrator "
+"must make sure that the POSIX attributes are replicated to the Global "
+"Catalog."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:81
+msgid ""
+"Users, groups and other entities served by SSSD are always treated as case-"
+"insensitive in the AD provider for compatibility with Active Directory's "
+"LDAP implementation."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:96
+msgid "ad_domain (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:99
+msgid ""
+"Specifies the name of the Active Directory domain. This is optional. If not "
+"provided, the configuration domain name is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:104
+msgid ""
+"For proper operation, this option should be specified as the lower-case "
+"version of the long version of the Active Directory domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:109
+msgid ""
+"The short domain name (also known as the NetBIOS or the flat name) is "
+"autodetected by the SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:116
+msgid "ad_server, ad_backup_server (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:119
+msgid ""
+"The comma-separated list of hostnames of the AD servers to which SSSD should "
+"connect in order of preference. For more information on failover and server "
+"redundancy, see the <quote>FAILOVER</quote> section. This is optional if "
+"autodiscovery is enabled. For more information on service discovery, refer "
+"to the <quote>SERVICE DISCOVERY</quote> section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:132
+msgid "ad_hostname (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:135
+msgid ""
+"Optional. May be set on machines where the hostname(5) does not reflect the "
+"fully qualified name used in the Active Directory domain to identify this "
+"host."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:141
+msgid ""
+"This field is used to determine the host principal in use in the keytab. It "
+"must match the hostname for which the keytab was issued."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:149
+msgid "ad_enable_dns_sites (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:156
+msgid ""
+"If true and service discovery (see Service Discovery paragraph at the bottom "
+"of the man page) is enabled, the SSSD will first attempt to discover the "
+"Active Directory server to connect to using the Active Directory Site "
+"Discovery and fall back to the DNS SRV records if no AD site is found. The "
+"DNS SRV configuration, including the discovery domain, is used during site "
+"discovery as well."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:172
+msgid "ad_access_filter (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:175
+msgid ""
+"This option specifies LDAP access control filter that the user must match in "
+"order to be allowed access. Please note that the <quote>access_provider</"
+"quote> option must be explicitly set to <quote>ad</quote> in order for this "
+"option to have an effect."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:183
+msgid ""
+"The option also supports specifying different filters per domain or forest. "
+"This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. "
+"The keyword can be either <quote>DOM</quote>, <quote>FOREST</quote> or "
+"missing."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:191
+msgid ""
+"If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</"
+"quote> specifies the domain or subdomain the filter applies to. If the "
+"keyword equals to <quote>FOREST</quote>, then the filter equals to all "
+"domains from the forest specified by <quote>NAME</quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:199
+msgid ""
+"Multiple filters can be separated with the <quote>?</quote> character, "
+"similarly to how search bases work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:204
+msgid ""
+"The most specific match is always used. For example, if the option specified "
+"filter for a domain the user is a member of and a global filter, the per-"
+"domain filter would be applied. If there are more matches with the same "
+"specification, the first one is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
+#: sssd-ad.5.xml:215
+#, no-wrap
+msgid ""
+"# apply filter on domain called dom1 only:\n"
+"dom1:(memberOf=cn=admins,ou=groups,dc=dom1,dc=com)\n"
+"\n"
+"# apply filter on domain called dom2 only:\n"
+"DOM:dom2:(memberOf=cn=admins,ou=groups,dc=dom2,dc=com)\n"
+"\n"
+"# apply filter on forest called EXAMPLE.COM only:\n"
+"FOREST:EXAMPLE.COM:(memberOf=cn=admins,ou=groups,dc=example,dc=com)\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:225
+msgid "Default: Not set"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:231
+msgid "ad_enable_gc (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:234
+msgid ""
+"By default, the SSSD connects to the Global Catalog first to retrieve users "
+"from trusted domains and uses the LDAP port to retrieve group memberships or "
+"as a fallback. Disabling this option makes the SSSD only connect to the LDAP "
+"port of the current AD server."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:242
+msgid ""
+"Please note that disabling Global Catalog support does not disable "
+"retrieving users from trusted domains. The SSSD would connect to the LDAP "
+"port of trusted domains instead. However, Global Catalog must be used in "
+"order to resolve cross-domain group memberships."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:256
+msgid "ad_gpo_access_control (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:259
+msgid ""
+"This option specifies the operation mode for GPO-based access control "
+"functionality: whether it operates in disabled mode, enforcing mode, or "
+"permissive mode. Please note that the <quote>access_provider</quote> option "
+"must be explicitly set to <quote>ad</quote> in order for this option to have "
+"an effect."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:268
+msgid ""
+"GPO-based access control functionality uses GPO policy settings to determine "
+"whether or not a particular user is allowed to logon to a particular host."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:274
+msgid ""
+"NOTE: If the operation mode is set to enforcing, it is possible that users "
+"that were previously allowed logon access will now be denied logon access "
+"(as dictated by the GPO policy settings). In order to facilitate a smooth "
+"transition for administrators, a permissive mode is available that will not "
+"enforce the access control rules, but will evaluate them and will output a "
+"syslog message if access would have been denied. By examining the logs, "
+"administrators can then make the necessary changes before setting the mode "
+"to enforcing."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:287
+msgid "There are three supported values for this option:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ad.5.xml:291
+msgid ""
+"disabled: GPO-based access control rules are neither evaluated nor enforced."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ad.5.xml:297
+msgid "enforcing: GPO-based access control rules are evaluated and enforced."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ad.5.xml:303
+msgid ""
+"permissive: GPO-based access control rules are evaluated, but not enforced. "
+"Instead, a syslog message will be emitted indicating that the user would "
+"have been denied access if this option's value were set to enforcing."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:314
+msgid "Default: permissive"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:320
+msgid "ad_gpo_cache_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:323
+msgid ""
+"The amount of time between lookups of GPO policy files against the AD server."
+" This will reduce the latency and load on the AD server if there are many "
+"access-control requests made in a short period."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:336
+msgid "ad_gpo_map_interactive (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:339
+msgid ""
+"A comma-separated list of PAM service names for which GPO-based access "
+"control is evaluated based on the InteractiveLogonRight and "
+"DenyInteractiveLogonRight policy settings."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-ad.5.xml:354
+#, no-wrap
+msgid ""
+" ad_gpo_map_interactive = +my_pam_service, -"
+"login\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:345
+msgid ""
+"It is possible to add another PAM service name to the default set by using "
+"<quote>+service_name</quote> or to explicitly remove a PAM service name from "
+"the default set by using <quote>-service_name</quote>. For example, in "
+"order to replace a default PAM service name for this logon right (e.g. "
+"<quote>login</quote>) with a custom pam service name (e.g. "
+"<quote>my_pam_service</quote>), you would use the following configuration: "
+"<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:358 sssd-ad.5.xml:423 sssd-ad.5.xml:458 sssd-ad.5.xml:498 sssd-ad.5.xml:559
+msgid "Default: the default set of PAM service names includes:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ad.5.xml:362
+msgid "login"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ad.5.xml:367
+msgid "su"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ad.5.xml:372
+msgid "su-l"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ad.5.xml:377
+msgid "gdm-fingerprint"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ad.5.xml:382
+msgid "gdm-password"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ad.5.xml:387
+msgid "gdm-smartcard"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ad.5.xml:392
+msgid "kdm"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:401
+msgid "ad_gpo_map_remote_interactive (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:404
+msgid ""
+"A comma-separated list of PAM service names for which GPO-based access "
+"control is evaluated based on the RemoteInteractiveLogonRight and "
+"DenyRemoteInteractiveLogonRight policy settings."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-ad.5.xml:419
+#, no-wrap
+msgid ""
+" ad_gpo_map_remote_interactive = "
+"+my_pam_service, -sshd\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:410
+msgid ""
+"It is possible to add another PAM service name to the default set by using "
+"<quote>+service_name</quote> or to explicitly remove a PAM service name from "
+"the default set by using <quote>-service_name</quote>. For example, in "
+"order to replace a default PAM service name for this logon right (e.g. "
+"<quote>sshd</quote>) with a custom pam service name (e.g. "
+"<quote>my_pam_service</quote>), you would use the following configuration: "
+"<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ad.5.xml:427
+msgid "sshd"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:436
+msgid "ad_gpo_map_network (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:439
+msgid ""
+"A comma-separated list of PAM service names for which GPO-based access "
+"control is evaluated based on the NetworkLogonRight and "
+"DenyNetworkLogonRight policy settings."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-ad.5.xml:454
+#, no-wrap
+msgid ""
+" ad_gpo_map_network = +my_pam_service, -ftp\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:445
+msgid ""
+"It is possible to add another PAM service name to the default set by using "
+"<quote>+service_name</quote> or to explicitly remove a PAM service name from "
+"the default set by using <quote>-service_name</quote>. For example, in "
+"order to replace a default PAM service name for this logon right (e.g. "
+"<quote>ftp</quote>) with a custom pam service name (e.g. "
+"<quote>my_pam_service</quote>), you would use the following configuration: "
+"<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ad.5.xml:462
+msgid "ftp"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ad.5.xml:467
+msgid "samba"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:476
+msgid "ad_gpo_map_batch (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:479
+msgid ""
+"A comma-separated list of PAM service names for which GPO-based access "
+"control is evaluated based on the BatchLogonRight and DenyBatchLogonRight "
+"policy settings."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-ad.5.xml:494
+#, no-wrap
+msgid ""
+" ad_gpo_map_batch = +my_pam_service, -crond\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:485
+msgid ""
+"It is possible to add another PAM service name to the default set by using "
+"<quote>+service_name</quote> or to explicitly remove a PAM service name from "
+"the default set by using <quote>-service_name</quote>. For example, in "
+"order to replace a default PAM service name for this logon right (e.g. "
+"<quote>crond</quote>) with a custom pam service name (e.g. "
+"<quote>my_pam_service</quote>), you would use the following configuration: "
+"<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ad.5.xml:502
+msgid "crond"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:511
+msgid "ad_gpo_map_service (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:514
+msgid ""
+"A comma-separated list of PAM service names for which GPO-based access "
+"control is evaluated based on the ServiceLogonRight and "
+"DenyServiceLogonRight policy settings."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-ad.5.xml:528
+#, no-wrap
+msgid ""
+" ad_gpo_map_service = +my_pam_service\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:520 sssd-ad.5.xml:585
+msgid ""
+"It is possible to add a PAM service name to the default set by using "
+"<quote>+service_name</quote>. Since the default set is empty, it is not "
+"possible to remove a PAM service name from the default set. For example, in "
+"order to add a custom pam service name (e.g. <quote>my_pam_service</quote>), "
+"you would use the following configuration: <placeholder type="
+"\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:538
+msgid "ad_gpo_map_permit (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:541
+msgid ""
+"A comma-separated list of PAM service names for which GPO-based access is "
+"always granted, regardless of any GPO Logon Rights."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-ad.5.xml:555
+#, no-wrap
+msgid ""
+" ad_gpo_map_permit = +my_pam_service, -sudo\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:546
+msgid ""
+"It is possible to add another PAM service name to the default set by using "
+"<quote>+service_name</quote> or to explicitly remove a PAM service name from "
+"the default set by using <quote>-service_name</quote>. For example, in "
+"order to replace a default PAM service name for unconditionally permitted "
+"access (e.g. <quote>sudo</quote>) with a custom pam service name (e.g. "
+"<quote>my_pam_service</quote>), you would use the following configuration: "
+"<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ad.5.xml:563
+msgid "sudo"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ad.5.xml:568
+msgid "sudo-i"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:577
+msgid "ad_gpo_map_deny (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:580
+msgid ""
+"A comma-separated list of PAM service names for which GPO-based access is "
+"always denied, regardless of any GPO Logon Rights."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-ad.5.xml:593
+#, no-wrap
+msgid ""
+" ad_gpo_map_deny = +my_pam_service\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:603
+msgid "ad_gpo_default_right (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:606
+msgid ""
+"This option defines how access control is evaluated for PAM service names "
+"that are not explicitly listed in one of the ad_gpo_map_* options. This "
+"option can be set in two different manners. First, this option can be set to "
+"use a default logon right. For example, if this option is set to "
+"'interactive', it means that unmapped PAM service names will be processed "
+"based on the InteractiveLogonRight and DenyInteractiveLogonRight policy "
+"settings. Alternatively, this option can be set to either always permit or "
+"always deny access for unmapped PAM service names."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:619
+msgid "Supported values for this option include:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ad.5.xml:623
+msgid "interactive"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ad.5.xml:628
+msgid "remote_interactive"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ad.5.xml:633
+msgid "network"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ad.5.xml:638
+msgid "batch"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ad.5.xml:643
+msgid "service"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ad.5.xml:648
+msgid "permit"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ad.5.xml:653
+msgid "deny"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:659
+msgid "Default: deny"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:668
+msgid ""
+"Optional. This option tells SSSD to automatically update the Active "
+"Directory DNS server with the IP address of this client. The update is "
+"secured using GSS-TSIG. As a consequence, the Active Directory administrator "
+"only needs to allow secure updates for the DNS zone. The IP address of the "
+"AD LDAP connection is used for the updates, if it is not otherwise specified "
+"by using the <quote>dyndns_iface</quote> option."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:698
+msgid "Default: 3600 (seconds)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:712
+msgid "Default: Use the IP address of the AD LDAP connection"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:764 sssd-krb5.5.xml:496
+msgid "krb5_use_enterprise_principal (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:767 sssd-krb5.5.xml:499
+msgid ""
+"Specifies if the user principal should be treated as enterprise principal. "
+"See section 5 of RFC 6806 for more details about enterprise principals."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:794
+msgid ""
+"The following example assumes that SSSD is correctly configured and example."
+"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
+"This example shows only the AD provider-specific options."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ad.5.xml:801
+#, no-wrap
+msgid ""
+"[domain/EXAMPLE]\n"
+"id_provider = ad\n"
+"auth_provider = ad\n"
+"access_provider = ad\n"
+"chpass_provider = ad\n"
+"\n"
+"ad_server = dc1.example.com\n"
+"ad_hostname = client.example.com\n"
+"ad_domain = example.com\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ad.5.xml:821
+#, no-wrap
+msgid ""
+"access_provider = ldap\n"
+"ldap_access_order = expire\n"
+"ldap_account_expire_policy = ad\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:817
+msgid ""
+"The AD access control provider checks if the account is expired. It has the "
+"same effect as the following configuration of the LDAP provider: "
+"<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:827
+msgid ""
+"However, unless the <quote>ad</quote> access control provider is explicitly "
+"configured, the default access provider is <quote>permit</quote>. Please "
+"note that if you configure an access provider other than <quote>ad</quote>, "
+"you need to set all the connection parameters (such as LDAP URIs and "
+"encryption details) manually."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-sudo.5.xml:10 sssd-sudo.5.xml:16
+msgid "sssd-sudo"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-sudo.5.xml:17
+msgid "Configuring sudo with the SSSD back end"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:23
+msgid ""
+"This manual page describes how to configure <citerefentry> "
+"<refentrytitle>sudo</refentrytitle> <manvolnum>8</manvolnum> </citerefentry> "
+"to work with <citerefentry> <refentrytitle>sssd</refentrytitle> "
+"<manvolnum>8</manvolnum> </citerefentry> and how SSSD caches sudo rules."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-sudo.5.xml:36
+msgid "Configuring sudo to cooperate with SSSD"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:38
+msgid ""
+"To enable SSSD as a source for sudo rules, add <emphasis>sss</emphasis> to "
+"the <emphasis>sudoers</emphasis> entry in <citerefentry> "
+"<refentrytitle>nsswitch.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:47
+msgid ""
+"For example, to configure sudo to first lookup rules in the standard "
+"<citerefentry> <refentrytitle>sudoers</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> file (which should contain rules that apply to "
+"local users) and then in SSSD, the nsswitch.conf file should contain the "
+"following line:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-sudo.5.xml:57
+#, no-wrap
+msgid "sudoers: files sss\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:61
+msgid ""
+"More information about configuring the sudoers search order from the "
+"nsswitch.conf file as well as information about the LDAP schema that is used "
+"to store sudo rules in the directory can be found in <citerefentry> "
+"<refentrytitle>sudoers.ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:70
+msgid ""
+"<emphasis>Note</emphasis>: in order to use netgroups or IPA hostgroups in "
+"sudo rules, you also need to correctly set <citerefentry> "
+"<refentrytitle>nisdomainname</refentrytitle> <manvolnum>1</manvolnum> </"
+"citerefentry> to your NIS domain name (which equals to IPA domain name when "
+"using hostgroups)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-sudo.5.xml:82
+msgid "Configuring SSSD to fetch sudo rules"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:84
+msgid ""
+"All configuration that is needed on SSSD side is to extend the list of "
+"<emphasis>services</emphasis> with \"sudo\" in [sssd] section of "
+"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry>. To speed up the LDAP lookups, you can also set "
+"search base for sudo rules using <emphasis>ldap_sudo_search_base</emphasis> "
+"option."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:94
+msgid ""
+"The following example shows how to configure SSSD to download sudo rules "
+"from an LDAP server."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-sudo.5.xml:99
+#, no-wrap
+msgid ""
+"[sssd]\n"
+"config_file_version = 2\n"
+"services = nss, pam, sudo\n"
+"domains = EXAMPLE\n"
+"\n"
+"[domain/EXAMPLE]\n"
+"id_provider = ldap\n"
+"sudo_provider = ldap\n"
+"ldap_uri = ldap://example.com\n"
+"ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:112
+msgid ""
+"When the SSSD is configured to use IPA as the ID provider, the sudo provider "
+"is automatically enabled. The sudo search base is configured to use the "
+"compat tree (ou=sudoers,$DC)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-sudo.5.xml:119
+msgid "The SUDO rule caching mechanism"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:121
+msgid ""
+"The biggest challenge, when developing sudo support in SSSD, was to ensure "
+"that running sudo with SSSD as the data source provides the same user "
+"experience and is as fast as sudo but keeps providing the most current set "
+"of rules as possible. To satisfy these requirements, SSSD uses three kinds "
+"of updates. They are referred to as full refresh, smart refresh and rules "
+"refresh."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:129
+msgid ""
+"The <emphasis>smart refresh</emphasis> periodically downloads rules that are "
+"new or were modified after the last update. Its primary goal is to keep the "
+"database growing by fetching only small increments that do not generate "
+"large amounts of network traffic."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:135
+msgid ""
+"The <emphasis>full refresh</emphasis> simply deletes all sudo rules stored "
+"in the cache and replaces them with all rules that are stored on the server. "
+"This is used to keep the cache consistent by removing every rule which was "
+"deleted from the server. However, full refresh may produce a lot of traffic "
+"and thus it should be run only occasionally depending on the size and "
+"stability of the sudo rules."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:143
+msgid ""
+"The <emphasis>rules refresh</emphasis> ensures that we do not grant the user "
+"more permission than defined. It is triggered each time the user runs sudo. "
+"Rules refresh will find all rules that apply to this user, check their "
+"expiration time and redownload them if expired. In the case that any of "
+"these rules are missing on the server, the SSSD will do an out of band full "
+"refresh because more rules (that apply to other users) may have been deleted."
+""
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:152
+msgid ""
+"If enabled, SSSD will store only rules that can be applied to this machine. "
+"This means rules that contain one of the following values in "
+"<emphasis>sudoHost</emphasis> attribute:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
+#: sssd-sudo.5.xml:159
+msgid "keyword ALL"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
+#: sssd-sudo.5.xml:164
+msgid "wildcard"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
+#: sssd-sudo.5.xml:169
+msgid "netgroup (in the form \"+netgroup\")"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
+#: sssd-sudo.5.xml:174
+msgid "hostname or fully qualified domain name of this machine"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
+#: sssd-sudo.5.xml:179
+msgid "one of the IP addresses of this machine"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
+#: sssd-sudo.5.xml:184
+msgid "one of the IP addresses of the network (in the form \"address/mask\")"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:190
+msgid ""
+"There are many configuration options that can be used to adjust the behavior."
+" Please refer to \"ldap_sudo_*\" in <citerefentry> <refentrytitle>sssd-ldap</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> and \"sudo_*\" in "
+"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd.8.xml:10 sssd.8.xml:15
+msgid "sssd"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd.8.xml:16
+msgid "System Security Services Daemon"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sssd.8.xml:21
+msgid ""
+"<command>sssd</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.8.xml:31
+msgid ""
+"<command>SSSD</command> provides a set of daemons to manage access to remote "
+"directories and authentication mechanisms. It provides an NSS and PAM "
+"interface toward the system and a pluggable backend system to connect to "
+"multiple different account sources as well as D-Bus interface. It is also "
+"the basis to provide client auditing and policy services for projects like "
+"FreeIPA. It provides a more robust database to store local users as well as "
+"extended user data."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:46
+msgid ""
+"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:53
+msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:57
+msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:60
+msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:69
+msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:73
+msgid ""
+"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:76
+msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:85
+msgid "<option>-f</option>,<option>--debug-to-files</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:89
+msgid ""
+"Send the debug output to files instead of stderr. By default, the log files "
+"are stored in <filename>/var/log/sssd</filename> and there are separate log "
+"files for every SSSD service and domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:97
+msgid "<option>-D</option>,<option>--daemon</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:101
+msgid "Become a daemon after starting up."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:107 sss_seed.8.xml:136
+msgid "<option>-i</option>,<option>--interactive</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:111
+msgid "Run in the foreground, don't become a daemon."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:117 sss_debuglevel.8.xml:42
+msgid "<option>-c</option>,<option>--config</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:121 sss_debuglevel.8.xml:46
+msgid ""
+"Specify a non-default config file. The default is <filename>/etc/sssd/sssd."
+"conf</filename>. For reference on the config file syntax and options, "
+"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> manual page."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:135
+msgid "<option>--version</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:139
+msgid "Print version number and exit."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.8.xml:147
+msgid "Signals"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:150
+msgid "SIGTERM/SIGINT"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:153
+msgid ""
+"Informs the SSSD to gracefully terminate all of its child processes and then "
+"shut down the monitor."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:159
+msgid "SIGHUP"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:162
+msgid ""
+"Tells the SSSD to stop writing to its current debug file descriptors and to "
+"close and reopen them. This is meant to facilitate log rolling with programs "
+"like logrotate."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:170
+msgid "SIGUSR1"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:173
+msgid ""
+"Tells the SSSD to simulate offline operation for the duration of the "
+"<quote>offline_timeout</quote> parameter. This is useful for testing. The "
+"signal can be sent to either the sssd process or any sssd_be process "
+"directly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:182
+msgid "SIGUSR2"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:185
+msgid ""
+"Tells the SSSD to go online immediately. This is useful for testing. The "
+"signal can be sent to either the sssd process or any sssd_be process "
+"directly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.8.xml:197
+msgid ""
+"If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client "
+"applications will not use the fast in memory cache."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15
+msgid "sss_obfuscate"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_obfuscate.8.xml:16
+msgid "obfuscate a clear text password"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_obfuscate.8.xml:21
+msgid ""
+"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</"
+"replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_obfuscate.8.xml:32
+msgid ""
+"<command>sss_obfuscate</command> converts a given password into human-"
+"unreadable format and places it into appropriate domain section of the SSSD "
+"config file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_obfuscate.8.xml:37
+msgid ""
+"The cleartext password is read from standard input or entered interactively. "
+" The obfuscated password is put into <quote>ldap_default_authtok</quote> "
+"parameter of a given SSSD domain and the <quote>ldap_default_authtok_type</"
+"quote> parameter is set to <quote>obfuscated_password</quote>. Refer to "
+"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> for more details on these parameters."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_obfuscate.8.xml:49
+msgid ""
+"Please note that obfuscating the password provides <emphasis>no real "
+"security benefit</emphasis> as it is still possible for an attacker to "
+"reverse-engineer the password back. Using better authentication mechanisms "
+"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> "
+"advised."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_obfuscate.8.xml:63
+msgid "<option>-s</option>,<option>--stdin</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_obfuscate.8.xml:67
+msgid "The password to obfuscate will be read from standard input."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_obfuscate.8.xml:74 sss_ssh_authorizedkeys.1.xml:79 sss_ssh_knownhostsproxy.1.xml:78
+msgid ""
+"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_obfuscate.8.xml:79
+msgid ""
+"The SSSD domain to use the password in. The default name is <quote>default</"
+"quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_obfuscate.8.xml:86
+msgid ""
+"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_obfuscate.8.xml:91
+msgid "Read the config file specified by the positional parameter."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_obfuscate.8.xml:95
+msgid "Default: <filename>/etc/sssd/sssd.conf</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_useradd.8.xml:10 sss_useradd.8.xml:15
+msgid "sss_useradd"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_useradd.8.xml:16
+msgid "create a new user"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_useradd.8.xml:21
+msgid ""
+"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></"
+"arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_useradd.8.xml:32
+msgid ""
+"<command>sss_useradd</command> creates a new user account using the values "
+"specified on the command line plus the default values from the system."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:43 sss_seed.8.xml:76
+msgid ""
+"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:48
+msgid ""
+"Set the UID of the user to the value of <replaceable>UID</replaceable>. If "
+"not given, it is chosen automatically."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 sss_seed.8.xml:100
+msgid ""
+"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 sss_seed.8.xml:105
+msgid ""
+"Any text string describing the user. Often used as the field for the user's "
+"full name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 sss_seed.8.xml:112
+msgid ""
+"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:72
+msgid ""
+"The home directory of the user account. The default is to append the "
+"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use "
+"that as the home directory. The base that is prepended before "
+"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/"
+"baseDirectory</quote> setting in sssd.conf."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 sss_seed.8.xml:124
+msgid ""
+"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:87
+msgid ""
+"The user's login shell. The default is currently <filename>/bin/bash</"
+"filename>. The default can be changed with <quote>user_defaults/"
+"defaultShell</quote> setting in sssd.conf."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:96
+msgid ""
+"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:101
+msgid "A list of existing groups this user is also a member of."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:107
+msgid "<option>-m</option>,<option>--create-home</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:111
+msgid ""
+"Create the user's home directory if it does not exist. The files and "
+"directories contained in the skeleton directory (which can be defined with "
+"the -k option or in the config file) will be copied to the home directory."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:121
+msgid "<option>-M</option>,<option>--no-create-home</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:125
+msgid ""
+"Do not create the user's home directory. Overrides configuration settings."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:132
+msgid ""
+"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:137
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in "
+"the user's home directory, when the home directory is created by "
+"<command>sss_useradd</command>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:143
+msgid ""
+"Special files (block devices, character devices, named pipes and unix "
+"sockets) will not be copied."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:147
+msgid ""
+"This option is only valid if the <option>-m</option> (or <option>--create-"
+"home</option>) option is specified, or creation of home directories is set "
+"to TRUE in the configuration."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:156 sss_usermod.8.xml:124
+msgid ""
+"<option>-Z</option>,<option>--selinux-user</option> "
+"<replaceable>SELINUX_USER</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:161
+msgid ""
+"The SELinux user for the user's login. If not specified, the system default "
+"will be used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16
+msgid "sssd-krb5"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-krb5.5.xml:17
+msgid "SSSD Kerberos provider"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:23
+msgid ""
+"This manual page describes the configuration of the Kerberos 5 "
+"authentication backend for <citerefentry> <refentrytitle>sssd</"
+"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed "
+"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of "
+"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> manual page."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:36
+msgid ""
+"The Kerberos 5 authentication backend contains auth and chpass providers. It "
+"must be paired with an identity provider in order to function properly (for "
+"example, id_provider = ldap). Some information required by the Kerberos 5 "
+"authentication backend must be provided by the identity provider, such as "
+"the user's Kerberos Principal Name (UPN). The configuration of the identity "
+"provider should have an entry to specify the UPN. Please refer to the man "
+"page for the applicable identity provider for details on how to configure "
+"this."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:47
+msgid ""
+"This backend also provides access control based on the .k5login file in the "
+"home directory of the user. See <citerefentry> <refentrytitle>.k5login</"
+"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. "
+"Please note that an empty .k5login file will deny all access to this user. "
+"To activate this feature, use 'access_provider = krb5' in your SSSD "
+"configuration."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:55
+msgid ""
+"In the case where the UPN is not available in the identity backend, "
+"<command>sssd</command> will construct a UPN using the format "
+"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:77
+msgid ""
+"Specifies the comma-separated list of IP addresses or hostnames of the "
+"Kerberos servers to which SSSD should connect, in the order of preference. "
+"For more information on failover and server redundancy, see the "
+"<quote>FAILOVER</quote> section. An optional port number (preceded by a "
+"colon) may be appended to the addresses or hostnames. If empty, service "
+"discovery is enabled; for more information, refer to the <quote>SERVICE "
+"DISCOVERY</quote> section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:106
+msgid ""
+"The name of the Kerberos realm. This option is required and must be "
+"specified."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:113
+msgid "krb5_kpasswd, krb5_backup_kpasswd (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:116
+msgid ""
+"If the change password service is not running on the KDC, alternative "
+"servers can be defined here. An optional port number (preceded by a colon) "
+"may be appended to the addresses or hostnames."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:122
+msgid ""
+"For more information on failover and server redundancy, see the "
+"<quote>FAILOVER</quote> section. NOTE: Even if there are no more kpasswd "
+"servers to try, the backend is not switched to operate offline if "
+"authentication against the KDC is still possible."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:129
+msgid "Default: Use the KDC"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:135
+msgid "krb5_ccachedir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:138
+msgid ""
+"Directory to store credential caches. All the substitution sequences of "
+"krb5_ccname_template can be used here, too, except %d and %P. The directory "
+"is created as private and owned by the user, with permissions set to 0700."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:145
+msgid "Default: /tmp"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:151
+msgid "krb5_ccname_template (string)"
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:165 include/override_homedir.xml:11
+msgid "%u"
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:166 include/override_homedir.xml:12
+msgid "login name"
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:169 include/override_homedir.xml:15
+msgid "%U"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:170
+msgid "login UID"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:173
+msgid "%p"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:174
+msgid "principal name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:178
+msgid "%r"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:179
+msgid "realm name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:182
+msgid "%h"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:183 sssd-ifp.5.xml:108
+msgid "home directory"
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:187 include/override_homedir.xml:19
+msgid "%d"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:188
+msgid "value of krb5_ccachedir"
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:193 include/override_homedir.xml:27
+msgid "%P"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:194
+msgid "the process ID of the SSSD client"
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:199 include/override_homedir.xml:45
+msgid "%%"
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:200 include/override_homedir.xml:46
+msgid "a literal '%'"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:154
+msgid ""
+"Location of the user's credential cache. Three credential cache types are "
+"currently supported: <quote>FILE</quote>, <quote>DIR</quote> and "
+"<quote>KEYRING:persistent</quote>. The cache can be specified either as "
+"<replaceable>TYPE:RESIDUAL</replaceable>, or as an absolute path, which "
+"implies the <quote>FILE</quote> type. In the template, the following "
+"sequences are substituted: <placeholder type=\"variablelist\" id=\"0\"/> If "
+"the template ends with 'XXXXXX' mkstemp(3) is used to create a unique "
+"filename in a safe way."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:208
+msgid ""
+"When using KEYRING types, the only supported mechanism is <quote>KEYRING:"
+"persistent:%U</quote>, which uses the Linux kernel keyring to store "
+"credentials on a per-UID basis. This is also the recommended choice, as it "
+"is the most secure and predictable method."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:216
+msgid ""
+"The default value for the credential cache name is sourced from the profile "
+"stored in the system wide krb5.conf configuration file in the [libdefaults] "
+"section. The option name is default_ccache_name. See krb5.conf(5)'s "
+"PARAMETER EXPANSION paragraph for additional information on the expansion "
+"format defined by krb5.conf."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:225
+msgid "Default: (from libkrb5)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:231
+msgid "krb5_auth_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:234
+msgid ""
+"Timeout in seconds after an online authentication request or change password "
+"request is aborted. If possible, the authentication request is continued "
+"offline."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:248
+msgid ""
+"Verify with the help of krb5_keytab that the TGT obtained has not been "
+"spoofed. The keytab is checked for entries sequentially, and the first entry "
+"with a matching realm is used for validation. If no entry matches the realm, "
+"the last entry in the keytab is used. This process can be used to validate "
+"environments using cross-realm trust by placing the appropriate keytab entry "
+"as the last entry or the only entry in the keytab file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:263
+msgid "krb5_keytab (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:266
+msgid ""
+"The location of the keytab to use when validating credentials obtained from "
+"KDCs."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:270
+msgid "Default: /etc/krb5.keytab"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:276
+msgid "krb5_store_password_if_offline (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:279
+msgid ""
+"Store the password of the user if the provider is offline and use it to "
+"request a TGT when the provider comes online again."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:284
+msgid ""
+"NOTE: this feature is only available on Linux. Passwords stored in this way "
+"are kept in plaintext in the kernel keyring and are potentially accessible "
+"by the root user (with difficulty)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:297
+msgid "krb5_renewable_lifetime (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:300
+msgid ""
+"Request a renewable ticket with a total lifetime, given as an integer "
+"immediately followed by a time unit:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:305 sssd-krb5.5.xml:339 sssd-krb5.5.xml:376
+msgid "<emphasis>s</emphasis> for seconds"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:308 sssd-krb5.5.xml:342 sssd-krb5.5.xml:379
+msgid "<emphasis>m</emphasis> for minutes"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:311 sssd-krb5.5.xml:345 sssd-krb5.5.xml:382
+msgid "<emphasis>h</emphasis> for hours"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
+msgid "<emphasis>d</emphasis> for days."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:388
+msgid "If there is no unit given, <emphasis>s</emphasis> is assumed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:321 sssd-krb5.5.xml:392
+msgid ""
+"NOTE: It is not possible to mix units. To set the renewable lifetime to one "
+"and a half hours, use '90m' instead of '1h30m'."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:326
+msgid "Default: not set, i.e. the TGT is not renewable"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:332
+msgid "krb5_lifetime (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:335
+msgid ""
+"Request ticket with a lifetime, given as an integer immediately followed by "
+"a time unit:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:351
+msgid "If there is no unit given <emphasis>s</emphasis> is assumed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:355
+msgid ""
+"NOTE: It is not possible to mix units. To set the lifetime to one and a "
+"half hours please use '90m' instead of '1h30m'."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:360
+msgid ""
+"Default: not set, i.e. the default ticket lifetime configured on the KDC."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:367
+msgid "krb5_renew_interval (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:370
+msgid ""
+"The time in seconds between two checks if the TGT should be renewed. TGTs "
+"are renewed if about half of their lifetime is exceeded, given as an integer "
+"immediately followed by a time unit:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:397
+msgid "If this option is not set or is 0 the automatic renewal is disabled."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:415
+msgid ""
+"<emphasis>never</emphasis> use FAST. This is equivalent to not setting this "
+"option at all."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:419
+msgid ""
+"<emphasis>try</emphasis> to use FAST. If the server does not support FAST, "
+"continue the authentication without it."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:429
+msgid "Default: not set, i.e. FAST is not used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:432
+msgid "NOTE: a keytab is required to use FAST."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:444
+msgid "krb5_fast_principal (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:447
+msgid "Specifies the server principal to use for FAST."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:456
+msgid ""
+"Specifies if the host and user principal should be canonicalized. This "
+"feature is available with MIT Kerberos 1.7 and later versions."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:505
+msgid "Default: false (AD provider: true)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:65
+msgid ""
+"If the auth-module krb5 is used in an SSSD domain, the following options "
+"must be used. See the <citerefentry> <refentrytitle>sssd.conf</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page, section "
+"<quote>DOMAIN SECTIONS</quote>, for details on the configuration of an SSSD "
+"domain. <placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:521
+msgid ""
+"The following example assumes that SSSD is correctly configured and FOO is "
+"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
+"example shows only configuration of Kerberos authentication; it does not "
+"include any identity provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-krb5.5.xml:529
+#, no-wrap
+msgid ""
+" [domain/FOO]\n"
+" auth_provider = krb5\n"
+" krb5_server = 192.168.1.1\n"
+" krb5_realm = EXAMPLE.COM\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15
+msgid "sss_groupadd"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_groupadd.8.xml:16
+msgid "create a new group"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_groupadd.8.xml:21
+msgid ""
+"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
+"arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupadd.8.xml:32
+msgid ""
+"<command>sss_groupadd</command> creates a new group. These groups are "
+"compatible with POSIX groups, with the additional feature that they can "
+"contain other groups as members."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_groupadd.8.xml:43 sss_seed.8.xml:88
+msgid ""
+"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_groupadd.8.xml:48
+msgid ""
+"Set the GID of the group to the value of <replaceable>GID</replaceable>. If "
+"not given, it is chosen automatically."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_userdel.8.xml:10 sss_userdel.8.xml:15
+msgid "sss_userdel"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_userdel.8.xml:16
+msgid "delete a user account"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_userdel.8.xml:21
+msgid ""
+"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></"
+"arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_userdel.8.xml:32
+msgid ""
+"<command>sss_userdel</command> deletes a user identified by login name "
+"<replaceable>LOGIN</replaceable> from the system."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_userdel.8.xml:44
+msgid "<option>-r</option>,<option>--remove</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_userdel.8.xml:48
+msgid ""
+"Files in the user's home directory will be removed along with the home "
+"directory itself and the user's mail spool. Overrides the configuration."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_userdel.8.xml:56
+msgid "<option>-R</option>,<option>--no-remove</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_userdel.8.xml:60
+msgid ""
+"Files in the user's home directory will NOT be removed along with the home "
+"directory itself and the user's mail spool. Overrides the configuration."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_userdel.8.xml:68
+msgid "<option>-f</option>,<option>--force</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_userdel.8.xml:72
+msgid ""
+"This option forces <command>sss_userdel</command> to remove the user's home "
+"directory and mail spool, even if they are not owned by the specified user."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_userdel.8.xml:80
+msgid "<option>-k</option>,<option>--kick</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_userdel.8.xml:84
+msgid "Before actually deleting the user, terminate all his processes."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15
+msgid "sss_groupdel"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_groupdel.8.xml:16
+msgid "delete a group"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_groupdel.8.xml:21
+msgid ""
+"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
+"arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupdel.8.xml:32
+msgid ""
+"<command>sss_groupdel</command> deletes a group identified by its name "
+"<replaceable>GROUP</replaceable> from the system."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15
+msgid "sss_groupshow"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_groupshow.8.xml:16
+msgid "print properties of a group"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_groupshow.8.xml:21
+msgid ""
+"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
+"arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupshow.8.xml:32
+msgid ""
+"<command>sss_groupshow</command> displays information about a group "
+"identified by its name <replaceable>GROUP</replaceable>. The information "
+"includes the group ID number, members of the group and the parent group."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_groupshow.8.xml:43
+msgid "<option>-R</option>,<option>--recursive</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_groupshow.8.xml:47
+msgid ""
+"Also print indirect group members in a tree-like hierarchy. Note that this "
+"also affects printing parent groups - without <option>R</option>, only the "
+"direct parent will be printed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_usermod.8.xml:10 sss_usermod.8.xml:15
+msgid "sss_usermod"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_usermod.8.xml:16
+msgid "modify a user account"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_usermod.8.xml:21
+msgid ""
+"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></"
+"arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_usermod.8.xml:32
+msgid ""
+"<command>sss_usermod</command> modifies the account specified by "
+"<replaceable>LOGIN</replaceable> to reflect the changes that are specified "
+"on the command line."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:60
+msgid "The home directory of the user account."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:71
+msgid "The user's login shell."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:82
+msgid ""
+"Append this user to groups specified by the <replaceable>GROUPS</"
+"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is "
+"a comma separated list of group names."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:96
+msgid ""
+"Remove this user from groups specified by the <replaceable>GROUPS</"
+"replaceable> parameter."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_usermod.8.xml:103
+msgid "<option>-l</option>,<option>--lock</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:107
+msgid "Lock the user account. The user won't be able to log in."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_usermod.8.xml:114
+msgid "<option>-u</option>,<option>--unlock</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:118
+msgid "Unlock the user account."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:129
+msgid "The SELinux user for the user's login."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_usermod.8.xml:135
+msgid "<option>--addattr</option> <replaceable>ATTR_NAME_VAL</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:140
+msgid "Add an attribute/value pair. The format is attrname=value."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_usermod.8.xml:147
+msgid "<option>--setattr</option> <replaceable>ATTR_NAME_VAL</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:152
+msgid ""
+"Set an attribute to a name/value pair. The format is attrname=value. For "
+"multi-valued attributes, the command replaces the values already present"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_usermod.8.xml:160
+msgid "<option>--delattr</option> <replaceable>ATTR_NAME_VAL</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:165
+msgid "Delete an attribute/value pair. The format is attrname=value."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_cache.8.xml:10 sss_cache.8.xml:15
+msgid "sss_cache"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_cache.8.xml:16
+msgid "perform cache cleanup"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_cache.8.xml:21
+msgid ""
+"<command>sss_cache</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_cache.8.xml:31
+msgid ""
+"<command>sss_cache</command> invalidates records in SSSD cache. Invalidated "
+"records are forced to be reloaded from server as soon as related SSSD "
+"backend is online."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:42
+msgid "<option>-E</option>,<option>--everything</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:46
+msgid "Invalidate all cached entries except for sudo rules."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:52
+msgid ""
+"<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:57
+msgid "Invalidate specific user."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:63
+msgid "<option>-U</option>,<option>--users</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:67
+msgid ""
+"Invalidate all user records. This option overrides invalidation of specific "
+"user if it was also set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:74
+msgid ""
+"<option>-g</option>,<option>--group</option> <replaceable>group</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:79
+msgid "Invalidate specific group."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:85
+msgid "<option>-G</option>,<option>--groups</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:89
+msgid ""
+"Invalidate all group records. This option overrides invalidation of specific "
+"group if it was also set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:96
+msgid ""
+"<option>-n</option>,<option>--netgroup</option> <replaceable>netgroup</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:101
+msgid "Invalidate specific netgroup."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:107
+msgid "<option>-N</option>,<option>--netgroups</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:111
+msgid ""
+"Invalidate all netgroup records. This option overrides invalidation of "
+"specific netgroup if it was also set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:118
+msgid ""
+"<option>-s</option>,<option>--service</option> <replaceable>service</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:123
+msgid "Invalidate specific service."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:129
+msgid "<option>-S</option>,<option>--services</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:133
+msgid ""
+"Invalidate all service records. This option overrides invalidation of "
+"specific service if it was also set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:140
+msgid ""
+"<option>-a</option>,<option>--autofs-map</option> <replaceable>autofs-map</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:145
+msgid "Invalidate specific autofs maps."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:151
+msgid "<option>-A</option>,<option>--autofs-maps</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:155
+msgid ""
+"Invalidate all autofs maps. This option overrides invalidation of specific "
+"map if it was also set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:162
+msgid ""
+"<option>-h</option>,<option>--ssh-host</option> <replaceable>hostname</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:167
+msgid "Invalidate SSH public keys of a specific host."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:173
+msgid "<option>-H</option>,<option>--ssh-hosts</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:177
+msgid ""
+"Invalidate SSH public keys of all hosts. This option overrides invalidation "
+"of SSH public keys of specific host if it was also set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:185
+msgid ""
+"<option>-d</option>,<option>--domain</option> <replaceable>domain</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:190
+msgid "Restrict invalidation process only to a particular domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_debuglevel.8.xml:10 sss_debuglevel.8.xml:15
+msgid "sss_debuglevel"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_debuglevel.8.xml:16
+msgid "change debug level while SSSD is running"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_debuglevel.8.xml:21
+msgid ""
+"<command>sss_debuglevel</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>NEW_DEBUG_LEVEL</"
+"replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_debuglevel.8.xml:32
+msgid ""
+"<command>sss_debuglevel</command> changes debug level of SSSD monitor and "
+"providers to <replaceable>NEW_DEBUG_LEVEL</replaceable> while SSSD is "
+"running."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_debuglevel.8.xml:59
+msgid "<replaceable>NEW_DEBUG_LEVEL</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_seed.8.xml:10 sss_seed.8.xml:15
+msgid "sss_seed"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_seed.8.xml:16
+msgid "seed the SSSD cache with a user"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_seed.8.xml:21
+msgid ""
+"<command>sss_seed</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'>-D <replaceable>DOMAIN</"
+"replaceable></arg> <arg choice='plain'>-n <replaceable>USER</replaceable></"
+"arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_seed.8.xml:33
+msgid ""
+"<command>sss_seed</command> seeds the SSSD cache with a user entry and "
+"temporary password. If a user entry is already present in the SSSD cache "
+"then the entry is updated with the temporary password."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_seed.8.xml:46
+msgid ""
+"<option>-D</option>,<option>--domain</option> <replaceable>DOMAIN</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_seed.8.xml:51
+msgid ""
+"Provide the name of the domain in which the user is a member of. The domain "
+"is also used to retrieve user information. The domain must be configured in "
+"sssd.conf. The <replaceable>DOMAIN</replaceable> option must be provided. "
+"Information retrieved from the domain overrides what is provided in the "
+"options."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_seed.8.xml:63
+msgid ""
+"<option>-n</option>,<option>--username</option> <replaceable>USER</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_seed.8.xml:68
+msgid ""
+"The username of the entry to be created or modified in the cache. The "
+"<replaceable>USER</replaceable> option must be provided."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_seed.8.xml:81
+msgid "Set the UID of the user to <replaceable>UID</replaceable>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_seed.8.xml:93
+msgid "Set the GID of the user to <replaceable>GID</replaceable>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_seed.8.xml:117
+msgid ""
+"Set the home directory of the user to <replaceable>HOME_DIR</replaceable>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_seed.8.xml:129
+msgid "Set the login shell of the user to <replaceable>SHELL</replaceable>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_seed.8.xml:140
+msgid ""
+"Interactive mode for entering user information. This option will only prompt "
+"for information not provided in the options or retrieved from the domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_seed.8.xml:148
+msgid ""
+"<option>-p</option>,<option>--password-file</option> <replaceable>PASS_FILE</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_seed.8.xml:153
+msgid ""
+"Specify file to read user's password from. (if not specified password is "
+"prompted for)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_seed.8.xml:165
+msgid ""
+"The length of the password (or the size of file specified with -p or --"
+"password-file option) must be less than or equal to PASS_MAX bytes (64 bytes "
+"on systems with no globally-defined PASS_MAX value)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-ifp.5.xml:10 sssd-ifp.5.xml:16
+msgid "sssd-ifp"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-ifp.5.xml:17
+msgid "SSSD InfoPipe responder"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ifp.5.xml:23
+msgid ""
+"This manual page describes the configuration of the InfoPipe responder for "
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE "
+"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ifp.5.xml:36
+msgid ""
+"The InfoPipe responder provides a public D-Bus interface accessible over the "
+"system bus. The interface allows the user to query information about remote "
+"users and groups over the system bus."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ifp.5.xml:46
+msgid "These options can be used to configure the InfoPipe responder."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd-ifp.5.xml:53
+msgid ""
+"Specifies the comma-separated list of UID values or user names that are "
+"allowed to access the InfoPipe responder. User names are resolved to UIDs at "
+"startup."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd-ifp.5.xml:59
+msgid ""
+"Default: 0 (only the root user is allowed to access the InfoPipe responder)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd-ifp.5.xml:63
+msgid ""
+"Please note that although the UID 0 is used as the default it will be "
+"overwritten with this option. If you still want to allow the root user to "
+"access the InfoPipe responder, which would be the typical case, you have to "
+"add 0 to the list of allowed UIDs as well."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd-ifp.5.xml:74
+msgid "user_attributes (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd-ifp.5.xml:77
+msgid "Specifies the comma-separated list of white or blacklisted attributes."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-ifp.5.xml:91
+msgid "name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-ifp.5.xml:92
+msgid "user's login name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-ifp.5.xml:95
+msgid "uidNumber"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-ifp.5.xml:96
+msgid "user ID"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-ifp.5.xml:99
+msgid "gidNumber"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-ifp.5.xml:100
+msgid "primary group ID"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-ifp.5.xml:103
+msgid "gecos"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-ifp.5.xml:104
+msgid "user information, typically full name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-ifp.5.xml:107
+msgid "homeDirectory"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-ifp.5.xml:111
+msgid "loginShell"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-ifp.5.xml:112
+msgid "user shell"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd-ifp.5.xml:81
+msgid ""
+"By default, the InfoPipe responder only allows the default set of POSIX "
+"attributes to be requested. This set is the same as returned by "
+"<citerefentry> <refentrytitle>getpwnam</refentrytitle> <manvolnum>3</"
+"manvolnum> </citerefentry> and includes: <placeholder type=\"variablelist\" "
+"id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-ifp.5.xml:125
+#, no-wrap
+msgid ""
+"user_attributes = +telephoneNumber, -loginShell\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd-ifp.5.xml:117
+msgid ""
+"It is possible to add another attribute to this set by using "
+"<quote>+attr_name</quote> or explicitly remove an attribute using <quote>-"
+"attr_name</quote>. For example, to allow <quote>telephoneNumber</quote> but "
+"deny <quote>loginShell</quote>, you would use the following configuration: "
+"<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd-ifp.5.xml:129
+msgid "Default: not set. Only the default set of POSIX attributes is allowed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refentryinfo>
+#: sss_rpcidmapd.5.xml:8
+msgid ""
+"<productname>sss rpc.idmapd plugin</productname> <author> <firstname>Noam</"
+"firstname> <surname>Meltzer</surname> <affiliation> <orgname>Primary Data "
+"Inc.</orgname> </affiliation> <contrib>Developer (2013-2014)</contrib> </"
+"author> <author> <firstname>Noam</firstname> <surname>Meltzer</surname> "
+"<contrib>Developer (2014-)</contrib> <email>tsnoam@gmail.com</email> </"
+"author>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_rpcidmapd.5.xml:26 sss_rpcidmapd.5.xml:32
+msgid "sss_rpcidmapd"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_rpcidmapd.5.xml:33
+msgid "sss plugin configuration directives for rpc.idmapd"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sss_rpcidmapd.5.xml:37
+msgid "CONFIGURATION FILE"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_rpcidmapd.5.xml:39
+msgid ""
+"rpc.idmapd configuration file is usually found at <emphasis>/etc/idmapd."
+"conf</emphasis>. See <citerefentry> <refentrytitle>idmapd.conf</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more information."
+""
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sss_rpcidmapd.5.xml:49
+msgid "SSS CONFIGURATION EXTENSION"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sss_rpcidmapd.5.xml:51
+msgid "Enable SSS plugin"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sss_rpcidmapd.5.xml:53
+msgid ""
+"In section <quote>[Translation]</quote>, modify/set <quote>Method</quote> "
+"attribute to contain <emphasis>sss</emphasis>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sss_rpcidmapd.5.xml:59
+msgid "[sss] config section"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sss_rpcidmapd.5.xml:61
+msgid ""
+"In order to change the default of one of the configuration attributes of the "
+"<emphasis>sss</emphasis> plugin listed below you will need to create a "
+"config section for it, named <quote>[sss]</quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
+#: sss_rpcidmapd.5.xml:67
+msgid "Configuration attributes"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sss_rpcidmapd.5.xml:69
+msgid "memcache (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sss_rpcidmapd.5.xml:72
+msgid "Indicates whether or not to use memcache optimisation technique."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sss_rpcidmapd.5.xml:85
+msgid "SSSD INTEGRATION"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_rpcidmapd.5.xml:87
+msgid ""
+"The sss plugin requires the <emphasis>NSS Responder</emphasis> to be enabled "
+"in sssd."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_rpcidmapd.5.xml:91
+msgid ""
+"The attribute <quote>use_fully_qualified_names</quote> must be enabled on "
+"all domains (NFSv4 clients expect a fully qualified name to be sent on the "
+"wire)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sss_rpcidmapd.5.xml:103
+#, no-wrap
+msgid ""
+"[General]\n"
+"Verbosity = 2\n"
+"# domain must be synced between NFSv4 server and clients\n"
+"# Solaris/Illumos/AIX use \"localdomain\" as default!\n"
+"Domain = default\n"
+"\n"
+"[Mapping]\n"
+"Nobody-User = nfsnobody\n"
+"Nobody-Group = nfsnobody\n"
+"\n"
+"[Translation]\n"
+"Method = sss\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_rpcidmapd.5.xml:100
+msgid ""
+"The following example shows a minimal idmapd.conf which makes use of the sss "
+"plugin. <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <refsect1><title>
+#: sss_rpcidmapd.5.xml:120 include/seealso.xml:2
+msgid "SEE ALSO"
+msgstr "另见"
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_rpcidmapd.5.xml:122
+msgid ""
+"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>idmapd.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15
+msgid "sss_ssh_authorizedkeys"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refmeta><manvolnum>
+#: sss_ssh_authorizedkeys.1.xml:11 sss_ssh_knownhostsproxy.1.xml:11
+msgid "1"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_ssh_authorizedkeys.1.xml:16
+msgid "get OpenSSH authorized keys"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_ssh_authorizedkeys.1.xml:21
+msgid ""
+"<command>sss_ssh_authorizedkeys</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg choice="
+"'plain'><replaceable>USER</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_ssh_authorizedkeys.1.xml:32
+msgid ""
+"<command>sss_ssh_authorizedkeys</command> acquires SSH public keys for user "
+"<replaceable>USER</replaceable> and outputs them in OpenSSH authorized_keys "
+"format (see the <quote>AUTHORIZED_KEYS FILE FORMAT</quote> section of "
+"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
+"citerefentry> for more information)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_ssh_authorizedkeys.1.xml:41
+msgid ""
+"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
+"citerefentry> can be configured to use <command>sss_ssh_authorizedkeys</"
+"command> for public key user authentication if it is compiled with support "
+"for either <quote>AuthorizedKeysCommand</quote> or <quote>PubkeyAgent</"
+"quote> <citerefentry> <refentrytitle>sshd_config</refentrytitle> "
+"<manvolnum>5</manvolnum></citerefentry> options."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sss_ssh_authorizedkeys.1.xml:58
+#, no-wrap
+msgid "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_ssh_authorizedkeys.1.xml:51
+msgid ""
+"If <quote>AuthorizedKeysCommand</quote> is supported, "
+"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
+"citerefentry> can be configured to use it by putting the following directive "
+"in <citerefentry> <refentrytitle>sshd_config</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry>: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sss_ssh_authorizedkeys.1.xml:69
+#, no-wrap
+msgid "PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_ssh_authorizedkeys.1.xml:62
+msgid ""
+"If <quote>PubkeyAgent</quote> is supported, "
+"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
+"citerefentry> can be configured to use it by using the following directive "
+"for <citerefentry> <refentrytitle>sshd</refentrytitle> <manvolnum>8</"
+"manvolnum></citerefentry> configuration: <placeholder type="
+"\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_ssh_authorizedkeys.1.xml:84
+msgid ""
+"Search for user public keys in SSSD domain <replaceable>DOMAIN</replaceable>."
+""
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sss_ssh_authorizedkeys.1.xml:93 sss_ssh_knownhostsproxy.1.xml:92
+msgid "EXIT STATUS"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_ssh_authorizedkeys.1.xml:95 sss_ssh_knownhostsproxy.1.xml:94
+msgid ""
+"In case of success, an exit value of 0 is returned. Otherwise, 1 is returned."
+""
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_ssh_knownhostsproxy.1.xml:10 sss_ssh_knownhostsproxy.1.xml:15
+msgid "sss_ssh_knownhostsproxy"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_ssh_knownhostsproxy.1.xml:16
+msgid "get OpenSSH host keys"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_ssh_knownhostsproxy.1.xml:21
+msgid ""
+"<command>sss_ssh_knownhostsproxy</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg choice="
+"'plain'><replaceable>HOST</replaceable></arg> <arg choice="
+"'opt'><replaceable>PROXY_COMMAND</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_ssh_knownhostsproxy.1.xml:33
+msgid ""
+"<command>sss_ssh_knownhostsproxy</command> acquires SSH host public keys for "
+"host <replaceable>HOST</replaceable>, stores them in a custom OpenSSH "
+"known_hosts file (see the <quote>SSH_KNOWN_HOSTS FILE FORMAT</quote> section "
+"of <citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</"
+"manvolnum></citerefentry> for more information) <filename>/var/lib/sss/"
+"pubconf/known_hosts</filename> and estabilishes connection to the host."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_ssh_knownhostsproxy.1.xml:43
+msgid ""
+"If <replaceable>PROXY_COMMAND</replaceable> is specified, it is used to "
+"create the connection to the host instead of opening a socket."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sss_ssh_knownhostsproxy.1.xml:55
+#, no-wrap
+msgid ""
+"ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n"
+"GlobalKnownHostsFile /var/lib/sss/pubconf/known_hosts\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_ssh_knownhostsproxy.1.xml:48
+msgid ""
+"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></"
+"citerefentry> can be configured to use <command>sss_ssh_knownhostsproxy</"
+"command> for host key authentication by using the following directives for "
+"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></"
+"citerefentry> configuration: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_ssh_knownhostsproxy.1.xml:66
+msgid ""
+"<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_ssh_knownhostsproxy.1.xml:71
+msgid ""
+"Use port <replaceable>PORT</replaceable> to connect to the host. By "
+"default, port 22 is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_ssh_knownhostsproxy.1.xml:83
+msgid ""
+"Search for host public keys in SSSD domain <replaceable>DOMAIN</replaceable>."
+""
+msgstr ""
+
+#. type: Content of: <refsect1><title>
+#: include/service_discovery.xml:2
+msgid "SERVICE DISCOVERY"
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/service_discovery.xml:4
+msgid ""
+"The service discovery feature allows back ends to automatically find the "
+"appropriate servers to connect to using a special DNS query. This feature is "
+"not supported for backup servers."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/service_discovery.xml:9 include/ldap_id_mapping.xml:99
+msgid "Configuration"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/service_discovery.xml:11
+msgid ""
+"If no servers are specified, the back end automatically uses service "
+"discovery to try to find a server. Optionally, the user may choose to use "
+"both fixed server addresses and service discovery by inserting a special "
+"keyword, <quote>_srv_</quote>, in the list of servers. The order of "
+"preference is maintained. This feature is useful if, for example, the user "
+"prefers to use service discovery whenever possible, and fall back to a "
+"specific server when no servers can be discovered using DNS."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/service_discovery.xml:23
+msgid "The domain name"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/service_discovery.xml:25
+msgid ""
+"Please refer to the <quote>dns_discovery_domain</quote> parameter in the "
+"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> manual page for more details."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/service_discovery.xml:35
+msgid "The protocol"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/service_discovery.xml:37
+msgid ""
+"The queries usually specify _tcp as the protocol. Exceptions are documented "
+"in respective option description."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/service_discovery.xml:42
+msgid "See Also"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/service_discovery.xml:44
+msgid ""
+"For more information on the service discovery mechanism, refer to RFC 2782."
+msgstr ""
+
+#. type: Content of: outside any tag (error?)
+#: include/upstream.xml:1
+msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <refsect1><title>
+#: include/failover.xml:2
+msgid "FAILOVER"
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/failover.xml:4
+msgid ""
+"The failover feature allows back ends to automatically switch to a different "
+"server if the current server fails."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/failover.xml:8
+msgid "Failover Syntax"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:10
+msgid ""
+"The list of servers is given as a comma-separated list; any number of spaces "
+"is allowed around the comma. The servers are listed in order of preference. "
+"The list can contain any number of servers."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:16
+msgid ""
+"For each failover-enabled config option, two variants exist: "
+"<emphasis>primary</emphasis> and <emphasis>backup</emphasis>. The idea is "
+"that servers in the primary list are preferred and backup servers are only "
+"searched if no primary servers can be reached. If a backup server is "
+"selected, a timeout of 31 seconds is set. After this timeout SSSD will "
+"periodically try to reconnect to one of the primary servers. If it succeeds, "
+"it will replace the current active (backup) server."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/failover.xml:27
+msgid "The Failover Mechanism"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:29
+msgid ""
+"The failover mechanism distinguishes between a machine and a service. The "
+"back end first tries to resolve the hostname of a given machine; if this "
+"resolution attempt fails, the machine is considered offline. No further "
+"attempts are made to connect to this machine for any other service. If the "
+"resolution attempt succeeds, the back end tries to connect to a service on "
+"this machine. If the service connection attempt fails, then only this "
+"particular service is considered offline and the back end automatically "
+"switches over to the next service. The machine is still considered online "
+"and might still be tried for another service."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:42
+msgid ""
+"Further connection attempts are made to machines or services marked as "
+"offline after a specified period of time; this is currently hard coded to 30 "
+"seconds."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:47
+msgid ""
+"If there are no more machines to try, the back end as a whole switches to "
+"offline mode, and then attempts to reconnect every 30 seconds."
+msgstr ""
+
+#. type: Content of: <refsect1><title>
+#: include/ldap_id_mapping.xml:2
+msgid "ID MAPPING"
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/ldap_id_mapping.xml:4
+msgid ""
+"The ID-mapping feature allows SSSD to act as a client of Active Directory "
+"without requiring administrators to extend user attributes to support POSIX "
+"attributes for user and group identifiers."
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/ldap_id_mapping.xml:9
+msgid ""
+"NOTE: When ID-mapping is enabled, the uidNumber and gidNumber attributes are "
+"ignored. This is to avoid the possibility of conflicts between automatically-"
+"assigned and manually-assigned values. If you need to use manually-assigned "
+"values, ALL values must be manually-assigned."
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/ldap_id_mapping.xml:16
+msgid ""
+"Please note that changing the ID mapping related configuration options will "
+"cause user and group IDs to change. At the moment, SSSD does not support "
+"changing IDs, so the SSSD database must be removed. Because cached passwords "
+"are also stored in the database, removing the database should only be "
+"performed while the authentication servers are reachable, otherwise users "
+"might get locked out. In order to cache the password, an authentication must "
+"be performed. It is not sufficient to use <citerefentry> "
+"<refentrytitle>sss_cache</refentrytitle> <manvolnum>8</manvolnum> </"
+"citerefentry> to remove the database, rather the process consists of:"
+msgstr ""
+
+#. type: Content of: <refsect1><para><itemizedlist><listitem><para>
+#: include/ldap_id_mapping.xml:33
+msgid "Making sure the remote servers are reachable"
+msgstr ""
+
+#. type: Content of: <refsect1><para><itemizedlist><listitem><para>
+#: include/ldap_id_mapping.xml:38
+msgid "Stopping the SSSD service"
+msgstr ""
+
+#. type: Content of: <refsect1><para><itemizedlist><listitem><para>
+#: include/ldap_id_mapping.xml:43
+msgid "Removing the database"
+msgstr ""
+
+#. type: Content of: <refsect1><para><itemizedlist><listitem><para>
+#: include/ldap_id_mapping.xml:48
+msgid "Starting the SSSD service"
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/ldap_id_mapping.xml:52
+msgid ""
+"Moreover, as the change of IDs might necessitate the adjustment of other "
+"system properties such as file and directory ownership, it's advisable to "
+"plan ahead and test the ID mapping configuration thoroughly."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/ldap_id_mapping.xml:59
+msgid "Mapping Algorithm"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:61
+msgid ""
+"Active Directory provides an objectSID for every user and group object in "
+"the directory. This objectSID can be broken up into components that "
+"represent the Active Directory domain identity and the relative identifier "
+"(RID) of the user or group object."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:67
+msgid ""
+"The SSSD ID-mapping algorithm takes a range of available UIDs and divides it "
+"into equally-sized component sections - called \"slices\"-. Each slice "
+"represents the space available to an Active Directory domain."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:73
+msgid ""
+"When a user or group entry for a particular domain is encountered for the "
+"first time, the SSSD allocates one of the available slices for that domain. "
+"In order to make this slice-assignment repeatable on different client "
+"machines, we select the slice based on the following algorithm:"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:80
+msgid ""
+"The SID string is passed through the murmurhash3 algorithm to convert it to "
+"a 32-bit hashed value. We then take the modulus of this value with the total "
+"number of available slices to pick the slice."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:86
+msgid ""
+"NOTE: It is possible to encounter collisions in the hash and subsequent "
+"modulus. In these situations, we will select the next available slice, but "
+"it may not be possible to reproduce the same exact set of slices on other "
+"machines (since the order that they are encountered will determine their "
+"slice). In this situation, it is recommended to either switch to using "
+"explicit POSIX attributes in Active Directory (disabling ID-mapping) or "
+"configure a default domain to guarantee that at least one is always "
+"consistent. See <quote>Configuration</quote> for details."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:101
+msgid ""
+"Minimum configuration (in the <quote>[domain/DOMAINNAME]</quote> section):"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para><programlisting>
+#: include/ldap_id_mapping.xml:106
+#, no-wrap
+msgid "ldap_id_mapping = True\n"
+"ldap_schema = ad\n"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:111
+msgid ""
+"The default configuration results in configuring 10,000 slices, each capable "
+"of holding up to 200,000 IDs, starting from 10,001 and going up to "
+"2,000,100,000. This should be sufficient for most deployments."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><title>
+#: include/ldap_id_mapping.xml:117
+msgid "Advanced Configuration"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
+#: include/ldap_id_mapping.xml:120
+msgid "ldap_idmap_range_min (integer)"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:123
+msgid ""
+"Specifies the lower bound of the range of POSIX IDs to use for mapping "
+"Active Directory user and group SIDs."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:127
+msgid ""
+"NOTE: This option is different from <quote>min_id</quote> in that "
+"<quote>min_id</quote> acts to filter the output of requests to this domain, "
+"whereas this option controls the range of ID assignment. This is a subtle "
+"distinction, but the good general advice would be to have <quote>min_id</"
+"quote> be less-than or equal to <quote>ldap_idmap_range_min</quote>"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:137 include/ldap_id_mapping.xml:189
+msgid "Default: 200000"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
+#: include/ldap_id_mapping.xml:142
+msgid "ldap_idmap_range_max (integer)"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:145
+msgid ""
+"Specifies the upper bound of the range of POSIX IDs to use for mapping "
+"Active Directory user and group SIDs."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:149
+msgid ""
+"NOTE: This option is different from <quote>max_id</quote> in that "
+"<quote>max_id</quote> acts to filter the output of requests to this domain, "
+"whereas this option controls the range of ID assignment. This is a subtle "
+"distinction, but the good general advice would be to have <quote>max_id</"
+"quote> be greater-than or equal to <quote>ldap_idmap_range_max</quote>"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:159
+msgid "Default: 2000200000"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
+#: include/ldap_id_mapping.xml:164
+msgid "ldap_idmap_range_size (integer)"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:167
+msgid ""
+"Specifies the number of IDs available for each slice. If the range size "
+"does not divide evenly into the min and max values, it will create as many "
+"complete slices as it can."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:173
+msgid ""
+"NOTE: The value of this option must be at least as large as the highest user "
+"RID planned for use on the Active Directory server. User lookups and login "
+"will fail for any user whose RID is greater than this value."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:179
+msgid ""
+"For example, if your most recently-added Active Directory user has objectSid="
+"S-1-5-21-2153326666-2176343378-3404031434-1107, "
+"<quote>ldap_idmap_range_size</quote> must be at least 1107."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:184
+msgid ""
+"It is important to plan ahead for future expansion, as changing this value "
+"will result in changing all of the ID mappings on the system, leading to "
+"users with different local IDs than they previously had."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
+#: include/ldap_id_mapping.xml:194
+msgid "ldap_idmap_default_domain_sid (string)"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:197
+msgid ""
+"Specify the domain SID of the default domain. This will guarantee that this "
+"domain will always be assigned to slice zero in the ID map, bypassing the "
+"murmurhash algorithm described above."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
+#: include/ldap_id_mapping.xml:208
+msgid "ldap_idmap_default_domain (string)"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:211
+msgid "Specify the name of the default domain."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
+#: include/ldap_id_mapping.xml:219
+msgid "ldap_idmap_autorid_compat (boolean)"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:222
+msgid ""
+"Changes the behavior of the ID-mapping algorithm to behave more similarly to "
+"winbind's <quote>idmap_autorid</quote> algorithm."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:227
+msgid ""
+"When this option is configured, domains will be allocated starting with "
+"slice zero and increasing monatomically with each additional domain."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:232
+msgid ""
+"NOTE: This algorithm is non-deterministic (it depends on the order that "
+"users and groups are requested). If this mode is required for compatibility "
+"with machines running winbind, it is recommended to also use the "
+"<quote>ldap_idmap_default_domain_sid</quote> option to guarantee that at "
+"least one domain is consistently allocated to slice zero."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/ldap_id_mapping.xml:251
+msgid "Well-Known SIDs"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:253
+msgid ""
+"SSSD supports to look up the names of Well-Known SIDs, i.e. SIDs with a "
+"special hardcoded meaning. Since the generic users and groups related to "
+"those Well-Known SIDs have no equivalent in a Linux/UNIX environment no "
+"POSIX IDs are available for those objects."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:259
+msgid ""
+"The SID name space is organized in authorities which can be seen as "
+"different domains. The authorities for the Well-Known SIDs are"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para>
+#: include/ldap_id_mapping.xml:262
+msgid "Null Authority"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para>
+#: include/ldap_id_mapping.xml:263
+msgid "World Authority"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para>
+#: include/ldap_id_mapping.xml:264
+msgid "Local Authority"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para>
+#: include/ldap_id_mapping.xml:265
+msgid "Creator Authority"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para>
+#: include/ldap_id_mapping.xml:266
+msgid "NT Authority"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para>
+#: include/ldap_id_mapping.xml:267
+msgid "Built-in"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:269
+msgid ""
+"The capitalized version of these names are used as domain names when "
+"returning the fully qualified name of a Well-Known SID."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:273
+msgid ""
+"Since some utilities allow to modify SID based access control information "
+"with the help of a name instead of using the SID directly SSSD supports to "
+"look up the SID by the name as well. To avoid collisions only the fully "
+"qualified names can be used to look up Well-Known SIDs. As a result the "
+"domain names <quote>NULL AUTHORITY</quote>, <quote>WORLD AUTHORITY</quote>, "
+"<quote> LOCAL AUTHORITY</quote>, <quote>CREATOR AUTHORITY</quote>, <quote>NT "
+"AUTHORITY</quote> and <quote>BUILTIN</quote> should not be used as domain "
+"names in <filename>sssd.conf</filename>."
+msgstr ""
+
+#. type: Content of: <varlistentry><term>
+#: include/param_help.xml:3
+msgid "<option>-?</option>,<option>--help</option>"
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para>
+#: include/param_help.xml:7 include/param_help_py.xml:7
+msgid "Display help message and exit."
+msgstr ""
+
+#. type: Content of: <varlistentry><term>
+#: include/param_help_py.xml:3
+msgid "<option>-h</option>,<option>--help</option>"
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:3
+msgid ""
+"SSSD supports two representations for specifying the debug level. The "
+"simplest is to specify a decimal value from 0-9, which represents enabling "
+"that level and all lower-level debug messages. The more comprehensive option "
+"is to specify a hexadecimal bitmask to enable or disable specific levels "
+"(such as if you wish to suppress a level)."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:10
+msgid "Currently supported debug levels:"
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:13
+msgid ""
+"<emphasis>0</emphasis>, <emphasis>0x0010</emphasis>: Fatal failures. "
+"Anything that would prevent SSSD from starting up or causes it to cease "
+"running."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:19
+msgid ""
+"<emphasis>1</emphasis>, <emphasis>0x0020</emphasis>: Critical failures. An "
+"error that doesn't kill the SSSD, but one that indicates that at least one "
+"major feature is not going to work properly."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:26
+msgid ""
+"<emphasis>2</emphasis>, <emphasis>0x0040</emphasis>: Serious failures. An "
+"error announcing that a particular request or operation has failed."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:31
+msgid ""
+"<emphasis>3</emphasis>, <emphasis>0x0080</emphasis>: Minor failures. These "
+"are the errors that would percolate down to cause the operation failure of 2."
+""
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:36
+msgid ""
+"<emphasis>4</emphasis>, <emphasis>0x0100</emphasis>: Configuration settings."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:40
+msgid "<emphasis>5</emphasis>, <emphasis>0x0200</emphasis>: Function data."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:44
+msgid ""
+"<emphasis>6</emphasis>, <emphasis>0x0400</emphasis>: Trace messages for "
+"operation functions."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:48
+msgid ""
+"<emphasis>7</emphasis>, <emphasis>0x1000</emphasis>: Trace messages for "
+"internal control functions."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:53
+msgid ""
+"<emphasis>8</emphasis>, <emphasis>0x2000</emphasis>: Contents of function-"
+"internal variables that may be interesting."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:58
+msgid ""
+"<emphasis>9</emphasis>, <emphasis>0x4000</emphasis>: Extremely low-level "
+"tracing information."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:62
+msgid ""
+"To log required bitmask debug levels, simply add their numbers together as "
+"shown in following examples:"
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:66
+msgid ""
+"<emphasis>Example</emphasis>: To log fatal failures, critical failures, "
+"serious failures and function data use 0x0270."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:70
+msgid ""
+"<emphasis>Example</emphasis>: To log fatal failures, configuration settings, "
+"function data, trace messages for internal control functions use 0x1310."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:75
+msgid ""
+"<emphasis>Note</emphasis>: The bitmask format of debug levels was introduced "
+"in 1.7.0."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:79
+msgid "<emphasis>Default</emphasis>: 0"
+msgstr ""
+
+#. type: Content of: outside any tag (error?)
+#: include/experimental.xml:1
+msgid ""
+"<emphasis> This is an experimental feature, please use http://fedorahosted."
+"org/sssd to report any issues. </emphasis>"
+msgstr ""
+
+#. type: Content of: <refsect1><title>
+#: include/local.xml:2
+msgid "THE LOCAL DOMAIN"
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/local.xml:4
+msgid ""
+"In order to function correctly, a domain with <quote>id_provider=local</"
+"quote> must be created and the SSSD must be running."
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/local.xml:9
+msgid ""
+"The administrator might want to use the SSSD local users instead of "
+"traditional UNIX users in cases where the group nesting (see <citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle> <manvolnum>8</manvolnum> </"
+"citerefentry>) is needed. The local users are also useful for testing and "
+"development of the SSSD without having to deploy a full remote server. The "
+"<command>sss_user*</command> and <command>sss_group*</command> tools use a "
+"local LDB storage to store users and groups."
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/seealso.xml:4
+msgid ""
+"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sssd.conf</"
+"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</"
+"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sssd-simple</refentrytitle><manvolnum>5</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sssd-ipa</"
+"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sssd-ad</refentrytitle><manvolnum>5</manvolnum> </"
+"citerefentry>, <phrase condition=\"with_sudo\"> <citerefentry> "
+"<refentrytitle>sssd-sudo</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry>, </phrase> <citerefentry> <refentrytitle>sss_cache</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_debuglevel</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_obfuscate</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_seed</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle><manvolnum>8</"
+"manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> <citerefentry> "
+"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>8</"
+"manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</"
+"manvolnum> </citerefentry>, </phrase> <phrase condition=\"with_ifp\"> "
+"<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>. <citerefentry> "
+"<refentrytitle>sss_rpcidmapd</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry>"
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/ldap_search_bases.xml:3
+msgid ""
+"An optional base DN, search scope and LDAP filter to restrict LDAP searches "
+"for this attribute type."
+msgstr ""
+
+#. type: Content of: <listitem><para><programlisting>
+#: include/ldap_search_bases.xml:9
+#, no-wrap
+msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]\n"
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/ldap_search_bases.xml:7
+msgid "syntax: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/ldap_search_bases.xml:13
+msgid ""
+"The scope can be one of \"base\", \"onelevel\" or \"subtree\". The scope "
+"functions as specified in section 4.5.1.2 of http://tools.ietf.org/html/"
+"rfc4511"
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/ldap_search_bases.xml:23
+msgid ""
+"For examples of this syntax, please refer to the <quote>ldap_search_base</"
+"quote> examples section."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/ldap_search_bases.xml:31
+msgid ""
+"Please note that specifying scope or filter is not supported for searches "
+"against an Active Directory Server that might yield a large number of "
+"results and trigger the Range Retrieval extension in the response."
+msgstr ""
+
+#. type: Content of: <para>
+#: include/autofs_restart.xml:2
+msgid ""
+"Please note that the automounter only reads the master map on startup, so if "
+"any autofs-related changes are made to the sssd.conf, you typically also "
+"need to restart the automounter daemon after restarting the SSSD."
+msgstr ""
+
+#. type: Content of: <varlistentry><term>
+#: include/override_homedir.xml:2
+msgid "override_homedir (string)"
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: include/override_homedir.xml:16
+msgid "UID number"
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: include/override_homedir.xml:20
+msgid "domain name"
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
+#: include/override_homedir.xml:23
+msgid "%f"
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: include/override_homedir.xml:24
+msgid "fully qualified user name (user@domain)"
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: include/override_homedir.xml:28
+msgid "UPN - User Principal Name (name@REALM)"
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
+#: include/override_homedir.xml:31
+msgid "%o"
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: include/override_homedir.xml:33
+msgid "The original home directory retrieved from the identity provider."
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
+#: include/override_homedir.xml:38
+msgid "%H"
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: include/override_homedir.xml:40
+msgid "The value of configure option <emphasis>homedir_substring</emphasis>."
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para>
+#: include/override_homedir.xml:5
+msgid ""
+"Override the user's home directory. You can either provide an absolute value "
+"or a template. In the template, the following sequences are substituted: "
+"<placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para>
+#: include/override_homedir.xml:52
+msgid "This option can also be set per-domain."
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para><programlisting>
+#: include/override_homedir.xml:57
+#, no-wrap
+msgid "override_homedir = /home/%u\n"
+" "
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para>
+#: include/override_homedir.xml:61
+msgid "Default: Not set (SSSD will use the value retrieved from LDAP)"
+msgstr ""
+
+#. type: Content of: <varlistentry><term>
+#: include/homedir_substring.xml:2
+msgid "homedir_substring (string)"
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para>
+#: include/homedir_substring.xml:5
+msgid ""
+"The value of this option will be used in the expansion of the "
+"<emphasis>override_homedir</emphasis> option if the template contains the "
+"format string <emphasis>%H</emphasis>. An LDAP directory entry can directly "
+"contain this template so that this option can be used to expand the home "
+"directory path for each client machine (or operating system). It can be set "
+"per-domain or globally in the [nss] section. A value specified in a domain "
+"section will override one set in the [nss] section."
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para>
+#: include/homedir_substring.xml:15
+msgid "Default: /home"
+msgstr ""
diff --git a/src/man/po/zh_CN.po b/src/man/po/zh_CN.po
index 39f78d0fb..b12cf3b14 100644
--- a/src/man/po/zh_CN.po
+++ b/src/man/po/zh_CN.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sssd-docs 1.12.2\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2015-02-18 16:52+0100\n"
+"POT-Creation-Date: 2015-06-12 10:36+0200\n"
"PO-Revision-Date: 2014-06-04 02:04-0400\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Chinese (China) (http://www.transifex.com/projects/p/sssd/"
@@ -18,7 +18,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=1; plural=0;\n"
-"X-Generator: Zanata 3.5.1\n"
+"X-Generator: Zanata 3.6.2\n"
#. type: Content of: <reference><title>
#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5
@@ -231,11 +231,11 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:81 sssd.conf.5.xml:571 sssd.conf.5.xml:1014
+#: sssd.conf.5.xml:81 sssd.conf.5.xml:602 sssd.conf.5.xml:1066
#: sssd-ldap.5.xml:1625 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1784
-#: sssd-ldap.5.xml:2273 sssd-ldap.5.xml:2338 sssd-ldap.5.xml:2356
+#: sssd-ldap.5.xml:2324 sssd-ldap.5.xml:2389 sssd-ldap.5.xml:2407
#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:413 sssd-ad.5.xml:166 sssd-ad.5.xml:264
-#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:490
+#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:499
msgid "Default: true"
msgstr ""
@@ -252,16 +252,16 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:94 sssd.conf.5.xml:968 sssd.conf.5.xml:2043
+#: sssd.conf.5.xml:94 sssd.conf.5.xml:1020 sssd.conf.5.xml:2095
#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1499 sssd-ldap.5.xml:1518
-#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2060 sssd-ipa.5.xml:139
-#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:257
-#: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462
+#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2111 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471
msgid "Default: false"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2081
+#: sssd.conf.5.xml:67 sssd.conf.5.xml:105 sssd-ldap.5.xml:2132
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
@@ -298,7 +298,7 @@ msgid "The [sssd] section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:137 sssd.conf.5.xml:2127
+#: sssd.conf.5.xml:137 sssd.conf.5.xml:2179
msgid "Section parameters"
msgstr ""
@@ -367,7 +367,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:193 sssd.conf.5.xml:1826
+#: sssd.conf.5.xml:193 sssd.conf.5.xml:1878
msgid "re_expression (string)"
msgstr ""
@@ -387,12 +387,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:210 sssd.conf.5.xml:1877
+#: sssd.conf.5.xml:210 sssd.conf.5.xml:1929
msgid "full_name_format (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:213 sssd.conf.5.xml:1880
+#: sssd.conf.5.xml:213 sssd.conf.5.xml:1932
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to compose a "
@@ -400,39 +400,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:224 sssd.conf.5.xml:1891
+#: sssd.conf.5.xml:224 sssd.conf.5.xml:1943
msgid "%1$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225 sssd.conf.5.xml:1892
+#: sssd.conf.5.xml:225 sssd.conf.5.xml:1944
msgid "user name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:228 sssd.conf.5.xml:1895
+#: sssd.conf.5.xml:228 sssd.conf.5.xml:1947
msgid "%2$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:231 sssd.conf.5.xml:1898
+#: sssd.conf.5.xml:231 sssd.conf.5.xml:1950
msgid "domain name as specified in the SSSD config file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:237 sssd.conf.5.xml:1904
+#: sssd.conf.5.xml:237 sssd.conf.5.xml:1956
msgid "%3$s"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:240 sssd.conf.5.xml:1907
+#: sssd.conf.5.xml:240 sssd.conf.5.xml:1959
msgid ""
"domain flat name. Mostly usable for Active Directory domains, both directly "
"configured or discovered via IPA trusts."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221 sssd.conf.5.xml:1888
+#: sssd.conf.5.xml:221 sssd.conf.5.xml:1940
msgid ""
"The following expansions are supported: <placeholder type=\"variablelist\" "
"id=\"0\"/>"
@@ -549,8 +549,8 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:336 sssd-ldap.5.xml:663 sssd-ldap.5.xml:1458
#: sssd-ldap.5.xml:1470 sssd-ldap.5.xml:1552 sssd-ad.5.xml:557
-#: sssd-ad.5.xml:627 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203
-#: include/ldap_id_mapping.xml:214
+#: sssd-ad.5.xml:627 sssd-krb5.5.xml:410 sssd-krb5.5.xml:550
+#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214
msgid "Default: not set"
msgstr ""
@@ -653,18 +653,18 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:427 sssd.conf.5.xml:443 sssd.conf.5.xml:475
-#: sssd.conf.5.xml:702 sssd.conf.5.xml:888 sssd.conf.5.xml:1209
+#: sssd.conf.5.xml:733 sssd.conf.5.xml:919 sssd.conf.5.xml:1261
#: sssd-ldap.5.xml:1200
msgid "Default: 60"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:432 sssd.conf.5.xml:1198
+#: sssd.conf.5.xml:432 sssd.conf.5.xml:1250
msgid "force_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:435 sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:435 sssd.conf.5.xml:1253
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -711,41 +711,93 @@ msgid ""
"will be forced to one hour."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:480
+msgid "subdomain_inherit (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:483
+msgid ""
+"Specifies a list of configuration parameters that should be inherited by a "
+"subdomain. Please note that only selected parameters can be inherited. "
+"Currently the following options can be inherited:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:489
+msgid "ignore_group_members"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:492
+msgid "ldap_purge_cache_timeout"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:495 sssd-ldap.5.xml:1017
+msgid "ldap_use_tokengroups"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:498
+msgid "ldap_user_principal"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:503
+#, no-wrap
+msgid ""
+"subdomain_inherit = ldap_purge_cache_timeout\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:501
+msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:507 sssd.conf.5.xml:963 sssd.conf.5.xml:984
+#: sssd.conf.5.xml:1244 sssd-ldap.5.xml:1753
+msgid "Default: none"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:484
+#: sssd.conf.5.xml:515
msgid "NSS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:486
+#: sssd.conf.5.xml:517
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:491
+#: sssd.conf.5.xml:522
msgid "enum_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:494
+#: sssd.conf.5.xml:525
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:498
+#: sssd.conf.5.xml:529
msgid "Default: 120"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:503
+#: sssd.conf.5.xml:534
msgid "entry_cache_nowait_percentage (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:506
+#: sssd.conf.5.xml:537
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -753,7 +805,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:512
+#: sssd.conf.5.xml:543
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -763,7 +815,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:553
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -772,17 +824,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:561
msgid "Default: 50"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:535
+#: sssd.conf.5.xml:566
msgid "entry_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:538
+#: sssd.conf.5.xml:569
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -790,17 +842,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:544 sssd.conf.5.xml:992
+#: sssd.conf.5.xml:575 sssd.conf.5.xml:1044
msgid "Default: 15"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:549
+#: sssd.conf.5.xml:580
msgid "filter_users, filter_groups (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:552
+#: sssd.conf.5.xml:583
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -809,41 +861,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:559
+#: sssd.conf.5.xml:590
msgid "Default: root"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:564
+#: sssd.conf.5.xml:595
msgid "filter_users_in_groups (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:598
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:609
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:612
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586
+#: sssd.conf.5.xml:617
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:592
+#: sssd.conf.5.xml:623
#, no-wrap
msgid ""
"fallback_homedir = /home/%u\n"
@@ -851,22 +903,23 @@ msgid ""
msgstr ""
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:590 include/override_homedir.xml:55
+#: sssd.conf.5.xml:621 sssd.conf.5.xml:978 sssd-krb5.5.xml:533
+#: include/override_homedir.xml:55
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596
+#: sssd.conf.5.xml:627
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:633
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:636
msgid ""
"Override the login shell for all users. This option supersedes any other "
"shell options if it takes effect and can be set either in the [nss] section "
@@ -874,49 +927,49 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:611
+#: sssd.conf.5.xml:642
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:617
+#: sssd.conf.5.xml:648
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:620
+#: sssd.conf.5.xml:651
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:654
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:627
+#: sssd.conf.5.xml:658
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:632
+#: sssd.conf.5.xml:663
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:637
+#: sssd.conf.5.xml:668
#, fuzzy
#| msgid "These options can be used to configure any service."
msgid "The wildcard (*) can be used to allow any shell."
msgstr "这些选项可被用于配置任何服务。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:640
+#: sssd.conf.5.xml:671
msgid ""
"The (*) is useful if you want to use shell_fallback in case that user's "
"shell is not in <quote>/etc/shells</quote> and maintaining list of all "
@@ -924,103 +977,103 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:647
+#: sssd.conf.5.xml:678
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:650
+#: sssd.conf.5.xml:681
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:654
+#: sssd.conf.5.xml:685
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:659
+#: sssd.conf.5.xml:690
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:662
+#: sssd.conf.5.xml:693
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:667
+#: sssd.conf.5.xml:698
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:670
+#: sssd.conf.5.xml:701
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:705
msgid "Default: /bin/sh"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:679
+#: sssd.conf.5.xml:710
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:682
+#: sssd.conf.5.xml:713
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option can be specified globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:719
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:695 sssd.conf.5.xml:881
+#: sssd.conf.5.xml:726 sssd.conf.5.xml:912
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:698 sssd.conf.5.xml:884
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:915
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:707
+#: sssd.conf.5.xml:738
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710
+#: sssd.conf.5.xml:741
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:714 sssd-ldap.5.xml:706
+#: sssd.conf.5.xml:745 sssd-ldap.5.xml:706
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:719 sssd-ifp.5.xml:74
+#: sssd.conf.5.xml:750 sssd-ifp.5.xml:74
msgid "user_attributes (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:722
+#: sssd.conf.5.xml:753
msgid ""
"Some of the additional NSS responder requests can return more attributes "
"than just the POSIX ones defined by the NSS interface. The list of "
@@ -1031,72 +1084,72 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:735
+#: sssd.conf.5.xml:766
msgid ""
"To make configuration more easy the NSS responder will check the InfoPipe "
"option if it is not set for the NSS responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:740
+#: sssd.conf.5.xml:771
msgid "Default: not set, fallback to InfoPipe option"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:747
+#: sssd.conf.5.xml:778
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:749
+#: sssd.conf.5.xml:780
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:785
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:757
+#: sssd.conf.5.xml:788
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:762 sssd.conf.5.xml:775
+#: sssd.conf.5.xml:793 sssd.conf.5.xml:806
msgid "Default: 0 (No limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:768
+#: sssd.conf.5.xml:799
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:771
+#: sssd.conf.5.xml:802
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:781
+#: sssd.conf.5.xml:812
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:784
+#: sssd.conf.5.xml:815
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:789
+#: sssd.conf.5.xml:820
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -1104,59 +1157,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:795 sssd.conf.5.xml:848
+#: sssd.conf.5.xml:826 sssd.conf.5.xml:879
msgid "Default: 5"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:832
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:835
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:809
+#: sssd.conf.5.xml:840
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:843
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:815
+#: sssd.conf.5.xml:846
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
+#: sssd.conf.5.xml:850
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:822
+#: sssd.conf.5.xml:853
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:826 sssd.8.xml:63
+#: sssd.conf.5.xml:857 sssd.8.xml:63
msgid "Default: 1"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:831
+#: sssd.conf.5.xml:862
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:865
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1164,7 +1217,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:840
+#: sssd.conf.5.xml:871
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1173,17 +1226,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:854
+#: sssd.conf.5.xml:885
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:857 sssd.conf.5.xml:1390
+#: sssd.conf.5.xml:888 sssd.conf.5.xml:1442
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:860
+#: sssd.conf.5.xml:891
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1191,31 +1244,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:866 sssd.conf.5.xml:1393
+#: sssd.conf.5.xml:897 sssd.conf.5.xml:1445
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:871
+#: sssd.conf.5.xml:902
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876 sssd.8.xml:79
+#: sssd.conf.5.xml:907 sssd.8.xml:79
msgid "Default: 0"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:893
+#: sssd.conf.5.xml:924
msgid "pam_trusted_users (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:896
+#: sssd.conf.5.xml:927
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAM responder. User names are resolved to UIDs at "
@@ -1223,59 +1276,75 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:902
+#: sssd.conf.5.xml:933
msgid "Default: all (All users are allowed to access the PAM responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:906
+#: sssd.conf.5.xml:937
msgid ""
"Please note that UID 0 is always allowed to access the PAM responder even in "
"case it is not in the pam_trusted_users list."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:913
+#: sssd.conf.5.xml:944
msgid "pam_public_domains (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:947
msgid ""
"Specifies the comma-separated list of domain names that are accessible even "
"to untrusted users."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:920
+#: sssd.conf.5.xml:951
msgid "Two special values for pam_public_domains option are defined:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:955
msgid ""
"all (Untrusted users are allowed to access all domains in PAM responder.)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:959
msgid ""
"none (Untrusted users are not allowed to access any domains PAM in "
"responder.)"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:932 sssd.conf.5.xml:1192 sssd-ldap.5.xml:1753
-msgid "Default: none"
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:968
+msgid "pam_account_expired_message (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:971
+msgid ""
+"If user is authenticating using SSH keys and account is expired then by "
+"default 'Permission denied' is output. This output will be changed to "
+"content of this variable if it is set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:980
+#, no-wrap
+msgid ""
+"pam_account_expired_message = Account expired, please call help desk.\n"
+" "
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:941
+#: sssd.conf.5.xml:993
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:943
+#: sssd.conf.5.xml:995
msgid ""
"These options can be used to configure the sudo service. The detailed "
"instructions for configuration of <citerefentry> <refentrytitle>sudo</"
@@ -1286,34 +1355,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:1012
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:1015
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1028
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:978
+#: sssd.conf.5.xml:1030
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1034
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:985
+#: sssd.conf.5.xml:1037
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1321,51 +1390,51 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1001
+#: sssd.conf.5.xml:1053
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1003
+#: sssd.conf.5.xml:1055
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1007
+#: sssd.conf.5.xml:1059
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1010
+#: sssd.conf.5.xml:1062
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1019
+#: sssd.conf.5.xml:1071
msgid "ssh_known_hosts_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1022
+#: sssd.conf.5.xml:1074
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1026
+#: sssd.conf.5.xml:1078
msgid "Default: 180"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1086
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1036
+#: sssd.conf.5.xml:1088
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1377,7 +1446,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1045
+#: sssd.conf.5.xml:1097
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"determined with the help of the SID, trusted domains will have UPGs and the "
@@ -1388,24 +1457,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1053
+#: sssd.conf.5.xml:1105
msgid ""
"If there are SIDs of groups from domains sssd knows about, the user will be "
"added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1111
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1063 sssd-ifp.5.xml:50
+#: sssd.conf.5.xml:1115 sssd-ifp.5.xml:50
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1066
+#: sssd.conf.5.xml:1118
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1413,12 +1482,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1072
+#: sssd.conf.5.xml:1124
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1076
+#: sssd.conf.5.xml:1128
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1427,24 +1496,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1142
msgid "DOMAIN SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1149
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1100
+#: sssd.conf.5.xml:1152
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:1157
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1453,47 +1522,47 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1112
+#: sssd.conf.5.xml:1164
msgid ""
"These ID limits affect even saving entries to cache, not only returning them "
"by name or ID."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1116
+#: sssd.conf.5.xml:1168
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1122
+#: sssd.conf.5.xml:1174
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1125
+#: sssd.conf.5.xml:1177
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1181
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1132
+#: sssd.conf.5.xml:1184
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1135 sssd.conf.5.xml:1367 sssd.conf.5.xml:1476
-#: sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1187 sssd.conf.5.xml:1419 sssd.conf.5.xml:1528
+#: sssd.conf.5.xml:1545
msgid "Default: FALSE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138
+#: sssd.conf.5.xml:1190
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1505,14 +1574,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1151
+#: sssd.conf.5.xml:1203
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1156
+#: sssd.conf.5.xml:1208
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1521,39 +1590,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1164
+#: sssd.conf.5.xml:1216
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1172
+#: sssd.conf.5.xml:1224
msgid "subdomain_enumerate (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1179
+#: sssd.conf.5.xml:1231
msgid "all"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1180
+#: sssd.conf.5.xml:1232
msgid "All discovered trusted domains will be enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1183
+#: sssd.conf.5.xml:1235
msgid "none"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:1236
msgid "No discovered trusted domains will be enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1175
+#: sssd.conf.5.xml:1227
msgid ""
"Whether any of autodetected trusted domains should be enumerated. The "
"supported values are: <placeholder type=\"variablelist\" id=\"0\"/> "
@@ -1562,19 +1631,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1215
+#: sssd.conf.5.xml:1267
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1218
+#: sssd.conf.5.xml:1270
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1222
+#: sssd.conf.5.xml:1274
msgid ""
"The cache expiration timestamps are stored as attributes of individual "
"objects in the cache. Therefore, changing the cache timeout only has effect "
@@ -1585,150 +1654,151 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1235
+#: sssd.conf.5.xml:1287
msgid "Default: 5400"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1241
+#: sssd.conf.5.xml:1293
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1244
+#: sssd.conf.5.xml:1296
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248 sssd.conf.5.xml:1261 sssd.conf.5.xml:1274
-#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1300 sssd.conf.5.xml:1314
-#: sssd.conf.5.xml:1328
+#: sssd.conf.5.xml:1300 sssd.conf.5.xml:1313 sssd.conf.5.xml:1326
+#: sssd.conf.5.xml:1339 sssd.conf.5.xml:1352 sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1380
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1306
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1257
+#: sssd.conf.5.xml:1309
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1267
+#: sssd.conf.5.xml:1319
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1270
+#: sssd.conf.5.xml:1322
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1280
+#: sssd.conf.5.xml:1332
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1335
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1345
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1348
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1358
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1309
+#: sssd.conf.5.xml:1361
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1320
+#: sssd.conf.5.xml:1372
msgid "entry_cache_ssh_host_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1375
msgid ""
"How many seconds to keep a host ssh key after refresh. IE how long to cache "
"the host key for."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1334
+#: sssd.conf.5.xml:1386
msgid "refresh_expired_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1337
+#: sssd.conf.5.xml:1389
msgid ""
"Specifies how many seconds SSSD has to wait before triggering a background "
"refresh task which will refresh all expired or nearly expired records."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1342
-msgid "Currently only refreshing expired netgroups is supported."
+#: sssd.conf.5.xml:1394
+msgid ""
+"The background refresh will process users, groups and netgroups in the cache."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1398
msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350 sssd-ipa.5.xml:224
+#: sssd.conf.5.xml:1402 sssd-ipa.5.xml:224
msgid "Default: 0 (disabled)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1356
+#: sssd.conf.5.xml:1408
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1411
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1363
+#: sssd.conf.5.xml:1415
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1372
+#: sssd.conf.5.xml:1424
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1427
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1737,17 +1807,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1382
+#: sssd.conf.5.xml:1434
msgid "Default: 0 (unlimited)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1387
+#: sssd.conf.5.xml:1439
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1398
+#: sssd.conf.5.xml:1450
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1756,33 +1826,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1405
+#: sssd.conf.5.xml:1457
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1411
+#: sssd.conf.5.xml:1463
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1414
+#: sssd.conf.5.xml:1466
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1418
+#: sssd.conf.5.xml:1470
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1421 sssd.conf.5.xml:1539
+#: sssd.conf.5.xml:1473 sssd.conf.5.xml:1591
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1425
+#: sssd.conf.5.xml:1477
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1790,8 +1860,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433 sssd.conf.5.xml:1519 sssd.conf.5.xml:1574
-#: sssd.conf.5.xml:1627
+#: sssd.conf.5.xml:1485 sssd.conf.5.xml:1571 sssd.conf.5.xml:1626
+#: sssd.conf.5.xml:1679
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1800,8 +1870,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1442 sssd.conf.5.xml:1528 sssd.conf.5.xml:1583
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1494 sssd.conf.5.xml:1580 sssd.conf.5.xml:1635
+#: sssd.conf.5.xml:1688
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1809,19 +1879,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1505
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1508
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1461
+#: sssd.conf.5.xml:1513
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1830,7 +1900,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1521
msgid ""
"NOTE: This option has no effect on netgroup lookups due to their tendency to "
"include nested netgroups without qualified names. For netgroups, all domains "
@@ -1838,17 +1908,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1533
msgid "ignore_group_members (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1536
msgid "Do not return group members for group lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1487
+#: sssd.conf.5.xml:1539
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1856,19 +1926,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1550
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1501
+#: sssd.conf.5.xml:1553
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505 sssd.conf.5.xml:1567
+#: sssd.conf.5.xml:1557 sssd.conf.5.xml:1619
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1876,7 +1946,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1512
+#: sssd.conf.5.xml:1564
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1884,30 +1954,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1588
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1595
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1546
+#: sssd.conf.5.xml:1598
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1604
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1607
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1915,19 +1985,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1613
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1616
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1591
+#: sssd.conf.5.xml:1643
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1936,24 +2006,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1650
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1603
+#: sssd.conf.5.xml:1655
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1606
+#: sssd.conf.5.xml:1658
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1611
+#: sssd.conf.5.xml:1663
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1961,7 +2031,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1671
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1969,35 +2039,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1696
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1700
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1651
+#: sssd.conf.5.xml:1703
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1710
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1661
+#: sssd.conf.5.xml:1713
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1665
+#: sssd.conf.5.xml:1717
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2005,32 +2075,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1725
msgid ""
"<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default "
"settings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1729
msgid ""
"<quote>ad</quote> the same as <quote>ldap</quote> but with AD default "
"settings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1681
+#: sssd.conf.5.xml:1733
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1684 sssd.conf.5.xml:1762 sssd.conf.5.xml:1794
-#: sssd.conf.5.xml:1819
+#: sssd.conf.5.xml:1736 sssd.conf.5.xml:1814 sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1871
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1688
+#: sssd.conf.5.xml:1740
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -2041,12 +2111,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1757
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1760
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -2054,7 +2124,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1714
+#: sssd.conf.5.xml:1766
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2062,31 +2132,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1722
+#: sssd.conf.5.xml:1774
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1725
+#: sssd.conf.5.xml:1777
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1731
+#: sssd.conf.5.xml:1783
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1734
+#: sssd.conf.5.xml:1786
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740
+#: sssd.conf.5.xml:1792
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2094,7 +2164,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1749
+#: sssd.conf.5.xml:1801
msgid ""
"<quote>ad</quote> to load a list of subdomains from an Active Directory "
"server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> "
@@ -2103,23 +2173,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1810
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1769
+#: sssd.conf.5.xml:1821
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1772
+#: sssd.conf.5.xml:1824
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1828
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2127,7 +2197,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1783
+#: sssd.conf.5.xml:1835
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2135,24 +2205,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1843
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1853
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1804
+#: sssd.conf.5.xml:1856
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1808
+#: sssd.conf.5.xml:1860
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2160,12 +2230,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1816
+#: sssd.conf.5.xml:1868
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1829
+#: sssd.conf.5.xml:1881
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components. The \"domain\" can "
@@ -2175,7 +2245,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1838
+#: sssd.conf.5.xml:1890
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -2184,29 +2254,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1843
+#: sssd.conf.5.xml:1895
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1846
+#: sssd.conf.5.xml:1898
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1849
+#: sssd.conf.5.xml:1901
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1852
+#: sssd.conf.5.xml:1904
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1857
+#: sssd.conf.5.xml:1909
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -2214,7 +2284,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1863
+#: sssd.conf.5.xml:1915
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -2222,66 +2292,66 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1870
+#: sssd.conf.5.xml:1922
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1917
+#: sssd.conf.5.xml:1969
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1923
+#: sssd.conf.5.xml:1975
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1926
+#: sssd.conf.5.xml:1978
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1930
+#: sssd.conf.5.xml:1982
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1933
+#: sssd.conf.5.xml:1985
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1936
+#: sssd.conf.5.xml:1988
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1939
+#: sssd.conf.5.xml:1991
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1942
+#: sssd.conf.5.xml:1994
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1945
+#: sssd.conf.5.xml:1997
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1951
+#: sssd.conf.5.xml:2003
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1954
+#: sssd.conf.5.xml:2006
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -2289,70 +2359,70 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1960 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
-#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:239
+#: sssd.conf.5.xml:2012 sssd-ldap.5.xml:1184 sssd-ldap.5.xml:1226
+#: sssd-ldap.5.xml:1241 sssd-krb5.5.xml:248
msgid "Default: 6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1966
+#: sssd.conf.5.xml:2018
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1969
+#: sssd.conf.5.xml:2021
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1973
+#: sssd.conf.5.xml:2025
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1979
+#: sssd.conf.5.xml:2031
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1982
+#: sssd.conf.5.xml:2034
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1988
+#: sssd.conf.5.xml:2040
msgid "case_sensitive (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1996
+#: sssd.conf.5.xml:2048
msgid "True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1999
+#: sssd.conf.5.xml:2051
msgid "Case sensitive. This value is invalid for AD provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2005
+#: sssd.conf.5.xml:2057
msgid "False"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2007
+#: sssd.conf.5.xml:2059
msgid "Case insensitive."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2011
+#: sssd.conf.5.xml:2063
msgid "Preserving"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2014
+#: sssd.conf.5.xml:2066
msgid ""
"Same as False (case insensitive), but does not lowercase names in the result "
"of NSS operations. Note that name aliases (and in case of services also "
@@ -2360,7 +2430,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1991
+#: sssd.conf.5.xml:2043
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider. Possible option values are: "
@@ -2368,17 +2438,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2026
+#: sssd.conf.5.xml:2078
msgid "Default: True (False for AD provider)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2032
+#: sssd.conf.5.xml:2084
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2035
+#: sssd.conf.5.xml:2087
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2387,22 +2457,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2049
+#: sssd.conf.5.xml:2101
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2060
+#: sssd.conf.5.xml:2112
msgid "%F"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2061
+#: sssd.conf.5.xml:2113
msgid "flat (NetBIOS) name of a subdomain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2052
+#: sssd.conf.5.xml:2104
msgid ""
"Use this homedir as default value for all subdomains within this domain in "
"IPA AD trust. See <emphasis>override_homedir</emphasis> for info about "
@@ -2412,29 +2482,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2066
+#: sssd.conf.5.xml:2118
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2070
+#: sssd.conf.5.xml:2122
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2075
+#: sssd.conf.5.xml:2127
msgid "realmd_tags (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2078
+#: sssd.conf.5.xml:2130
msgid ""
"Various tags stored by the realmd configuration service for this domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1092
+#: sssd.conf.5.xml:1144
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2442,29 +2512,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2091
+#: sssd.conf.5.xml:2143
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2094
+#: sssd.conf.5.xml:2146
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2097
+#: sssd.conf.5.xml:2149
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2105
+#: sssd.conf.5.xml:2157
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2108
+#: sssd.conf.5.xml:2160
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2472,19 +2542,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2087
+#: sssd.conf.5.xml:2139
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:2120
+#: sssd.conf.5.xml:2172
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:2122
+#: sssd.conf.5.xml:2174
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2492,73 +2562,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2129
+#: sssd.conf.5.xml:2181
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2132
+#: sssd.conf.5.xml:2184
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2136
+#: sssd.conf.5.xml:2188
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2141
+#: sssd.conf.5.xml:2193
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2144
+#: sssd.conf.5.xml:2196
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2149
+#: sssd.conf.5.xml:2201
msgid "Default: <filename>/home</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2154
+#: sssd.conf.5.xml:2206
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2157
+#: sssd.conf.5.xml:2209
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2173
+#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2225
msgid "Default: TRUE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2166
+#: sssd.conf.5.xml:2218
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2169
+#: sssd.conf.5.xml:2221
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2178
+#: sssd.conf.5.xml:2230
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2181
+#: sssd.conf.5.xml:2233
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2566,17 +2636,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2189
+#: sssd.conf.5.xml:2241
msgid "Default: 077"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2194
+#: sssd.conf.5.xml:2246
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2197
+#: sssd.conf.5.xml:2249
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2585,17 +2655,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2207
+#: sssd.conf.5.xml:2259
msgid "Default: <filename>/etc/skel</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2212
+#: sssd.conf.5.xml:2264
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2215
+#: sssd.conf.5.xml:2267
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2603,17 +2673,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2222
+#: sssd.conf.5.xml:2274
msgid "Default: <filename>/var/mail</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:2227
+#: sssd.conf.5.xml:2279
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2230
+#: sssd.conf.5.xml:2282
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2621,19 +2691,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:2236
+#: sssd.conf.5.xml:2288
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:2246 sssd-ldap.5.xml:2518 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:519
+#: sssd.conf.5.xml:2298 sssd-ldap.5.xml:2569 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:564
#: sss_rpcidmapd.5.xml:98
msgid "EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:2252
+#: sssd.conf.5.xml:2304
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2663,7 +2733,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:2248
+#: sssd.conf.5.xml:2300
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -3502,7 +3572,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:738 sssd-ldap.5.xml:831 sssd-ldap.5.xml:1058
-#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2102 sssd-ldap.5.xml:2441
+#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2153 sssd-ldap.5.xml:2492
#: sssd-ipa.5.xml:591
msgid "Default: cn"
msgstr ""
@@ -3783,11 +3853,6 @@ msgid ""
"dealing with complex or deep nested groups)."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1017
-msgid "ldap_use_tokengroups"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1020
msgid ""
@@ -4022,7 +4087,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2259
+#: sssd-ldap.5.xml:1258 sssd-ldap.5.xml:2310
msgid "Default: 900 (15 minutes)"
msgstr ""
@@ -4473,7 +4538,7 @@ msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:453
+#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:462
msgid "krb5_canonicalize (boolean)"
msgstr ""
@@ -4485,12 +4550,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:468
+#: sssd-ldap.5.xml:1700 sssd-krb5.5.xml:477
msgid "krb5_use_kdcinfo (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:471
+#: sssd-ldap.5.xml:1703 sssd-krb5.5.xml:480
msgid ""
"Specifies if the SSSD should instruct the Kerberos libraries what realm and "
"which KDCs to use. This option is on by default, if you disable it, you need "
@@ -4500,7 +4565,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:482
+#: sssd-ldap.5.xml:1714 sssd-krb5.5.xml:491
msgid ""
"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
@@ -4768,40 +4833,93 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1958
+msgid ""
+"<emphasis> Please note that this option is superseded by the <quote>ppolicy</"
+"quote> option and might be removed in a future release. </emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1965
+msgid ""
+"<emphasis>ppolicy</emphasis>: use account locking. If set, this option "
+"denies access in case that ldap attribute 'pwdAccountLockedTime' is present "
+"and has value of '000001010000Z' or represents any time in the past. The "
+"value of the 'pwdAccountLockedTime' attribute must end with 'Z', which "
+"denotes the UTC time zone. Other time zones are not currently supported and "
+"will result in \"access-denied\" when users attempt to log in. Please see "
+"the option ldap_pwdlockout_dn. Please note that 'access_provider = ldap' "
+"must be set for this feature to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1982
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1962
+#: sssd-ldap.5.xml:1986
+msgid ""
+"<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, "
+"pwd_expire_policy_renew: </emphasis> These options are useful if users are "
+"interested in being warned that password is about to expire and "
+"authentication is based on using a different method than passwords - for "
+"example SSH keys."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1996
+msgid ""
+"The difference between these options is the action taken if user password is "
+"expired: pwd_expire_policy_reject - user is denied to log in, "
+"pwd_expire_policy_warn - user is still able to log in, "
+"pwd_expire_policy_renew - user is prompted to change his password "
+"immediately."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2004
+msgid ""
+"Note If user password is expired no explicit message is prompted by SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2008
+msgid ""
+"Please note that 'access_provider = ldap' must be set for this feature to "
+"work. Also 'ldap_pwd_policy' must be set to an appropriate password policy."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2013
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2018
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1971
+#: sssd-ldap.5.xml:2022
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1974
+#: sssd-ldap.5.xml:2025
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1981
+#: sssd-ldap.5.xml:2032
msgid "ldap_pwdlockout_dn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2035
msgid ""
"This option specifies the DN of password policy entry on LDAP server. Please "
"note that absence of this option in sssd.conf in case of enabled account "
@@ -4810,74 +4928,74 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1992
+#: sssd-ldap.5.xml:2043
msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1995
+#: sssd-ldap.5.xml:2046
msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2001
+#: sssd-ldap.5.xml:2052
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2004
+#: sssd-ldap.5.xml:2055
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2009
+#: sssd-ldap.5.xml:2060
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013
+#: sssd-ldap.5.xml:2064
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018
+#: sssd-ldap.5.xml:2069
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2023
+#: sssd-ldap.5.xml:2074
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2028
+#: sssd-ldap.5.xml:2079
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2036
+#: sssd-ldap.5.xml:2087
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2039
+#: sssd-ldap.5.xml:2090
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2094
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -4888,7 +5006,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2054
+#: sssd-ldap.5.xml:2105
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -4906,12 +5024,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2070
+#: sssd-ldap.5.xml:2121
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2123
msgid ""
"The detailed instructions for configuration of sudo_provider are in the "
"manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> "
@@ -4919,208 +5037,208 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2083
+#: sssd-ldap.5.xml:2134
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2086
+#: sssd-ldap.5.xml:2137
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2089
+#: sssd-ldap.5.xml:2140
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2095
+#: sssd-ldap.5.xml:2146
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2098
+#: sssd-ldap.5.xml:2149
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2108
+#: sssd-ldap.5.xml:2159
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2111
+#: sssd-ldap.5.xml:2162
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2166
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2172
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2124
+#: sssd-ldap.5.xml:2175
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2129
+#: sssd-ldap.5.xml:2180
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2186
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2138
+#: sssd-ldap.5.xml:2189
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2193
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2148
+#: sssd-ldap.5.xml:2199
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2202
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2155
+#: sssd-ldap.5.xml:2206
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2161
+#: sssd-ldap.5.xml:2212
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2215
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2168
+#: sssd-ldap.5.xml:2219
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2174
+#: sssd-ldap.5.xml:2225
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2228
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2181
+#: sssd-ldap.5.xml:2232
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2187
+#: sssd-ldap.5.xml:2238
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2241
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194
+#: sssd-ldap.5.xml:2245
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2200
+#: sssd-ldap.5.xml:2251
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2203
+#: sssd-ldap.5.xml:2254
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2259
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2214
+#: sssd-ldap.5.xml:2265
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2217
+#: sssd-ldap.5.xml:2268
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2221
+#: sssd-ldap.5.xml:2272
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2227
+#: sssd-ldap.5.xml:2278
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2230
+#: sssd-ldap.5.xml:2281
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2235
+#: sssd-ldap.5.xml:2286
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2240
+#: sssd-ldap.5.xml:2291
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2246
+#: sssd-ldap.5.xml:2297
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2249
+#: sssd-ldap.5.xml:2300
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -5128,101 +5246,101 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2255
+#: sssd-ldap.5.xml:2306
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2265
+#: sssd-ldap.5.xml:2316
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2268
+#: sssd-ldap.5.xml:2319
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2279
+#: sssd-ldap.5.xml:2330
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2333
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2287
+#: sssd-ldap.5.xml:2338
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2292 sssd-ldap.5.xml:2315 sssd-ldap.5.xml:2333
-#: sssd-ldap.5.xml:2351
+#: sssd-ldap.5.xml:2343 sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2402
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2320
+#: sssd-ldap.5.xml:2348 sssd-ldap.5.xml:2371
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2303
+#: sssd-ldap.5.xml:2354
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2306
+#: sssd-ldap.5.xml:2357
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2311
+#: sssd-ldap.5.xml:2362
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2326
+#: sssd-ldap.5.xml:2377
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2329
+#: sssd-ldap.5.xml:2380
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2344
+#: sssd-ldap.5.xml:2395
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2347
+#: sssd-ldap.5.xml:2398
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2363
+#: sssd-ldap.5.xml:2414
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -5231,91 +5349,91 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2373
+#: sssd-ldap.5.xml:2424
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2375
+#: sssd-ldap.5.xml:2426
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2381
+#: sssd-ldap.5.xml:2432
msgid "ldap_autofs_map_master_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2435
msgid "The name of the automount master map in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2387
+#: sssd-ldap.5.xml:2438
msgid "Default: auto.master"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2394
+#: sssd-ldap.5.xml:2445
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2397 sssd-ldap.5.xml:2423
+#: sssd-ldap.5.xml:2448 sssd-ldap.5.xml:2474
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2400 sssd-ldap.5.xml:2427
+#: sssd-ldap.5.xml:2451 sssd-ldap.5.xml:2478
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2407
+#: sssd-ldap.5.xml:2458
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2410
+#: sssd-ldap.5.xml:2461
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2413
+#: sssd-ldap.5.xml:2464
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2420
+#: sssd-ldap.5.xml:2471
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2434
+#: sssd-ldap.5.xml:2485
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2437 sssd-ldap.5.xml:2451
+#: sssd-ldap.5.xml:2488 sssd-ldap.5.xml:2502
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2448
+#: sssd-ldap.5.xml:2499
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2455
+#: sssd-ldap.5.xml:2506
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2379
+#: sssd-ldap.5.xml:2430
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -5324,32 +5442,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2465
+#: sssd-ldap.5.xml:2516
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2472
+#: sssd-ldap.5.xml:2523
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2477
+#: sssd-ldap.5.xml:2528
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2482
+#: sssd-ldap.5.xml:2533
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note>
-#: sssd-ldap.5.xml:2487
+#: sssd-ldap.5.xml:2538
msgid "<note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para>
-#: sssd-ldap.5.xml:2489
+#: sssd-ldap.5.xml:2540
msgid ""
"If the option <quote>ldap_use_tokengroups</quote> is enabled. The searches "
"against Active Directory will not be restricted and return all groups "
@@ -5358,22 +5476,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist>
-#: sssd-ldap.5.xml:2496
+#: sssd-ldap.5.xml:2547
msgid "</note>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2498
+#: sssd-ldap.5.xml:2549
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2503
+#: sssd-ldap.5.xml:2554
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2467
+#: sssd-ldap.5.xml:2518
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -5382,7 +5500,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2520
+#: sssd-ldap.5.xml:2571
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -5390,7 +5508,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2526
+#: sssd-ldap.5.xml:2577
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5403,26 +5521,26 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2525 sssd-ldap.5.xml:2543 sssd-simple.5.xml:139
+#: sssd-ldap.5.xml:2576 sssd-ldap.5.xml:2594 sssd-simple.5.xml:139
#: sssd-ipa.5.xml:726 sssd-ad.5.xml:851 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98
-#: sssd-krb5.5.xml:528 include/ldap_id_mapping.xml:105
+#: sssd-krb5.5.xml:573 include/ldap_id_mapping.xml:105
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2537
+#: sssd-ldap.5.xml:2588
msgid "LDAP ACCESS FILTER EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2539
+#: sssd-ldap.5.xml:2590
msgid ""
"The following example assumes that SSSD is correctly configured and to use "
"the ldap_access_order=lockout."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2544
+#: sssd-ldap.5.xml:2595
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5438,13 +5556,13 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2559 sssd_krb5_locator_plugin.8.xml:61
+#: sssd-ldap.5.xml:2610 sssd_krb5_locator_plugin.8.xml:61
#: sssd-simple.5.xml:148 sssd-ad.5.xml:866 sssd.8.xml:195 sss_seed.8.xml:163
msgid "NOTES"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2561
+#: sssd-ldap.5.xml:2612
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -6204,7 +6322,7 @@ msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:245
+#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:254
msgid "krb5_validate (boolean)"
msgstr ""
@@ -6245,12 +6363,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:407
+#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:416
msgid "krb5_use_fast (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:410
+#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:419
msgid ""
"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
"authentication. The following options are supported:"
@@ -6270,7 +6388,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:424
+#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:433
msgid ""
"<emphasis>demand</emphasis> to use FAST. The authentication fails if the "
"server does not require fast."
@@ -6282,7 +6400,7 @@ msgid "Default: try"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:435
+#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:444
msgid ""
"NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If "
"SSSD is used with an older version of MIT Kerberos, using this option is a "
@@ -7366,12 +7484,12 @@ msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:797 sssd-krb5.5.xml:496
+#: sssd-ad.5.xml:797 sssd-krb5.5.xml:505
msgid "krb5_use_enterprise_principal (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:800 sssd-krb5.5.xml:499
+#: sssd-ad.5.xml:800 sssd-krb5.5.xml:508
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
@@ -8314,16 +8432,24 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:225
+msgid ""
+"NOTE: Please be aware that libkrb5 ccache expansion template from "
+"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> uses different expansion sequences than SSSD."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:234
msgid "Default: (from libkrb5)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:231
+#: sssd-krb5.5.xml:240
msgid "krb5_auth_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:234
+#: sssd-krb5.5.xml:243
msgid ""
"Timeout in seconds after an online authentication request or change password "
"request is aborted. If possible, the authentication request is continued "
@@ -8331,7 +8457,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:248
+#: sssd-krb5.5.xml:257
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed. The keytab is checked for entries sequentially, and the first entry "
@@ -8342,36 +8468,36 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:263
+#: sssd-krb5.5.xml:272
msgid "krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:266
+#: sssd-krb5.5.xml:275
msgid ""
"The location of the keytab to use when validating credentials obtained from "
"KDCs."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:270
+#: sssd-krb5.5.xml:279
msgid "Default: /etc/krb5.keytab"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:276
+#: sssd-krb5.5.xml:285
msgid "krb5_store_password_if_offline (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:279
+#: sssd-krb5.5.xml:288
msgid ""
"Store the password of the user if the provider is offline and use it to "
"request a TGT when the provider comes online again."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:284
+#: sssd-krb5.5.xml:293
msgid ""
"NOTE: this feature is only available on Linux. Passwords stored in this way "
"are kept in plaintext in the kernel keyring and are potentially accessible "
@@ -8379,91 +8505,91 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:297
+#: sssd-krb5.5.xml:306
msgid "krb5_renewable_lifetime (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:300
+#: sssd-krb5.5.xml:309
msgid ""
"Request a renewable ticket with a total lifetime, given as an integer "
"immediately followed by a time unit:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:305 sssd-krb5.5.xml:339 sssd-krb5.5.xml:376
+#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
msgid "<emphasis>s</emphasis> for seconds"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:308 sssd-krb5.5.xml:342 sssd-krb5.5.xml:379
+#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:351 sssd-krb5.5.xml:388
msgid "<emphasis>m</emphasis> for minutes"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:311 sssd-krb5.5.xml:345 sssd-krb5.5.xml:382
+#: sssd-krb5.5.xml:320 sssd-krb5.5.xml:354 sssd-krb5.5.xml:391
msgid "<emphasis>h</emphasis> for hours"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
+#: sssd-krb5.5.xml:323 sssd-krb5.5.xml:357 sssd-krb5.5.xml:394
msgid "<emphasis>d</emphasis> for days."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:388
+#: sssd-krb5.5.xml:326 sssd-krb5.5.xml:397
msgid "If there is no unit given, <emphasis>s</emphasis> is assumed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:321 sssd-krb5.5.xml:392
+#: sssd-krb5.5.xml:330 sssd-krb5.5.xml:401
msgid ""
"NOTE: It is not possible to mix units. To set the renewable lifetime to one "
"and a half hours, use '90m' instead of '1h30m'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:326
+#: sssd-krb5.5.xml:335
msgid "Default: not set, i.e. the TGT is not renewable"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:332
+#: sssd-krb5.5.xml:341
msgid "krb5_lifetime (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:335
+#: sssd-krb5.5.xml:344
msgid ""
"Request ticket with a lifetime, given as an integer immediately followed by "
"a time unit:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:351
+#: sssd-krb5.5.xml:360
msgid "If there is no unit given <emphasis>s</emphasis> is assumed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:355
+#: sssd-krb5.5.xml:364
msgid ""
"NOTE: It is not possible to mix units. To set the lifetime to one and a "
"half hours please use '90m' instead of '1h30m'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:360
+#: sssd-krb5.5.xml:369
msgid ""
"Default: not set, i.e. the default ticket lifetime configured on the KDC."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:367
+#: sssd-krb5.5.xml:376
msgid "krb5_renew_interval (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:370
+#: sssd-krb5.5.xml:379
msgid ""
"The time in seconds between two checks if the TGT should be renewed. TGTs "
"are renewed if about half of their lifetime is exceeded, given as an integer "
@@ -8471,56 +8597,89 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:397
+#: sssd-krb5.5.xml:406
msgid "If this option is not set or is 0 the automatic renewal is disabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:415
+#: sssd-krb5.5.xml:424
msgid ""
"<emphasis>never</emphasis> use FAST. This is equivalent to not setting this "
"option at all."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:419
+#: sssd-krb5.5.xml:428
msgid ""
"<emphasis>try</emphasis> to use FAST. If the server does not support FAST, "
"continue the authentication without it."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:429
+#: sssd-krb5.5.xml:438
msgid "Default: not set, i.e. FAST is not used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:432
+#: sssd-krb5.5.xml:441
msgid "NOTE: a keytab is required to use FAST."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:444
+#: sssd-krb5.5.xml:453
msgid "krb5_fast_principal (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:447
+#: sssd-krb5.5.xml:456
msgid "Specifies the server principal to use for FAST."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:456
+#: sssd-krb5.5.xml:465
msgid ""
"Specifies if the host and user principal should be canonicalized. This "
"feature is available with MIT Kerberos 1.7 and later versions."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:505
+#: sssd-krb5.5.xml:514
msgid "Default: false (AD provider: true)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:520
+msgid "krb5_map_user (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:523
+msgid ""
+"The list of mappings is given as a comma-separated list of pairs "
+"<quote>username:primary</quote> where <quote>username</quote> is a UNIX user "
+"name and <quote>primary</quote> is a user part of a kerberos principal. This "
+"mapping is used when user is authenticating using <quote>auth_provider = "
+"krb5</quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-krb5.5.xml:535
+#, no-wrap
+msgid ""
+"krb5_realm = REALM\n"
+"krb5_map_user = joe:juser,dick:richard\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:540
+msgid ""
+"<quote>joe</quote> and <quote>dick</quote> are UNIX user names and "
+"<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos "
+"principals. For user <quote>joe</quote> resp. <quote>dick</quote> SSSD will "
+"try to kinit as <quote>juser@REALM</quote> resp. <quote>richard@REALM</"
+"quote>."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:65
msgid ""
@@ -8532,7 +8691,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:521
+#: sssd-krb5.5.xml:566
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -8541,7 +8700,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:529
+#: sssd-krb5.5.xml:574
#, no-wrap
msgid ""
" [domain/FOO]\n"
generated by cgit (git 2.34.1) at 2024-04-19 00:09:19 +0000